saslauthd performance anxiety

simon.brady at otago.ac.nz simon.brady at otago.ac.nz
Thu Jan 9 20:58:41 EST 2003


Paul M Fleming wrote:

> Timing out the passwords is simple ( I think ) I would store the time
> when the entry is added and force a reauth if the password has been
> cached longer than a timeout (for example one hour ). That forces a
> reauth at least every timeout period of time. If an entry isn't in the
> cache (or if it is different the entry would be removed and ) a reauth
> would be forced. Every successfull auth would be added to the cache.

This whole idea sounds great, especially as I'd expect a lot of the 
authentication load to come from a small number of users with their 
clients set to check mail every few minutes.

For debugging it would help if there was a way to force a flush of the
entire cache, and one to dump its contents. I'm not sure how you'd get
saslauthd to recognise maintenance commands like this - maybe some method
of "out-of-band signalling", which seems better than tinkering with the
socket protocol.

--
Simon Brady                             mailto:simon.brady at otago.ac.nz
ITS Technical Services
University of Otago, Dunedin, New Zealand





More information about the Info-cyrus mailing list