Project

General

Profile

Actions

Bug #25795

closed

LDAP - When User Group sync is enabled, user wait long time to authenticate / login

Added by Ondřej Ezr over 5 years ago. Updated about 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Performance
Target version:
-
Difficulty:
Triaged:
Yes
Fixed in Releases:
Found in Releases:

Description

Description of problem:
Currently, there is a feature called User Group sync, so when enabled, Foreman will bind the external Auth Source and will try to match the user on User Group already defined on the Sat side. If match, the system will assign automatically the role related and on the fly / first login, the login page will be according to the roles.

This feature works fine when the account is member of few groups, but when we are talking about a huge number of groups this happens all the time the login process can spend a long time to conclude.

Version-Release number of selected component (if applicable):
1.20.x

How reproducible:
100%

Steps to Reproduce:
1. Configure the LDAP Auth
2. Create the user on AD
3. Create a bunch of groups on AD like 100
4. Add the user on all groups
5. Login on the Foreman via webUI with the User Group Sync enabled

Actual results:
Spend a long time to conclude the process/check and login.

Expected results:
Be faster then today.

Additional info:


Files


Related issues 2 (0 open2 closed)

Related to Foreman - Bug #27402: The Foreman "forgets" group members after update to 1.22.0ClosedOndřej EzrActions
Related to Foreman - Bug #31165: LDAP usergroup sync makes logins very slowClosedOndřej EzrActions
Actions #1

Updated by Ondřej Ezr over 5 years ago

  • Description updated (diff)
Actions #2

Updated by Ondřej Ezr over 5 years ago

  • Bugzilla link set to 1631005
Actions #3

Updated by The Foreman Bot over 5 years ago

  • Pull request https://github.com/theforeman/foreman/pull/6388 added
Actions #4

Updated by The Foreman Bot over 5 years ago

  • Status changed from New to Ready For Testing
Actions #5

Updated by Ondřej Ezr over 5 years ago

Upon a disscusion, It have been decided to change the behabiour a bit.
See the pull request.

Actions #7

Updated by Marek Hulán about 5 years ago

  • Fixed in Releases 1.22.0 added
Actions #8

Updated by Marek Hulán about 5 years ago

  • Assignee set to Ondřej Ezr
Actions #9

Updated by Anonymous about 5 years ago

  • Status changed from Ready For Testing to Closed
Actions #10

Updated by Tomer Brisker almost 5 years ago

  • Related to Bug #27402: The Foreman "forgets" group members after update to 1.22.0 added
Actions #11

Updated by Lukas Zapletal over 3 years ago

  • Related to Bug #31165: LDAP usergroup sync makes logins very slow added
Actions

Also available in: Atom PDF