Project

General

Profile

Bug #25795

LDAP - When User Group sync is enabled, user wait long time to authenticate / login

Added by Ondřej Ezr about 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondřej Ezr
Category:
Performance
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:
1631005
Pull request:
https://github.com/theforeman/foreman/pull/6388
Fixed in Releases:
1.22.0
Found in Releases:
1.20.2
Red Hat JIRA:

Description

Description of problem:
Currently, there is a feature called User Group sync, so when enabled, Foreman will bind the external Auth Source and will try to match the user on User Group already defined on the Sat side. If match, the system will assign automatically the role related and on the fly / first login, the login page will be according to the roles.

This feature works fine when the account is member of few groups, but when we are talking about a huge number of groups this happens all the time the login process can spend a long time to conclude.

Version-Release number of selected component (if applicable):
1.20.x

How reproducible:
100%

Steps to Reproduce:
1. Configure the LDAP Auth
2. Create the user on AD
3. Create a bunch of groups on AD like 100
4. Add the user on all groups
5. Login on the Foreman via webUI with the User Group Sync enabled

Actual results:
Spend a long time to conclude the process/check and login.

Expected results:
Be faster then today.

Additional info:

[satellite-tech] External ldap usergroups - change proposal.eml [satellite-tech] External ldap usergroups - change proposal.eml 8.87 KB Change proposal comunication Ondřej Ezr, 02/18/2019 01:28 PM

Related issues

Related to Foreman - Bug #27402: The Foreman "forgets" group members after update to 1.22.0Closed
Related to Foreman - Bug #31165: LDAP usergroup sync makes logins very slowClosed

Associated revisions

Revision 17c4b47e (diff)
Added by Ondřej Ezr almost 4 years ago

Fixes #25795 - Improves external usergroups sync :racehorse: (#6388)

History

#1 Updated by Ondřej Ezr about 4 years ago

  • Description updated (diff)

#2 Updated by Ondřej Ezr about 4 years ago

  • Bugzilla link set to 1631005

#3 Updated by The Foreman Bot about 4 years ago

  • Pull request https://github.com/theforeman/foreman/pull/6388 added

#4 Updated by The Foreman Bot about 4 years ago

  • Status changed from New to Ready For Testing

#5 Updated by Ondřej Ezr about 4 years ago

Upon a disscusion, It have been decided to change the behabiour a bit.
See the pull request.

#7 Updated by Marek Hulán almost 4 years ago

  • Fixed in Releases 1.22.0 added

#8 Updated by Marek Hulán almost 4 years ago

  • Assignee set to Ondřej Ezr

#9 Updated by Anonymous almost 4 years ago

  • Status changed from Ready For Testing to Closed

#10 Updated by Tomer Brisker over 3 years ago

  • Related to Bug #27402: The Foreman "forgets" group members after update to 1.22.0 added

#11 Updated by Lukas Zapletal over 2 years ago

  • Related to Bug #31165: LDAP usergroup sync makes logins very slow added

Also available in: Atom PDF