Lyonel Posted September 22, 2016 Posted September 22, 2016 Hi, Following issues with the ldap user import utility, I had a look a the source code to try and determine the source of the problem. It turns out it is proxy related. So my question is the following: once you get the list of profiles from the AD, you have a loop that checks if the user already exists and the update or create. Instead of opening a connection, updating / creating a user profile and closing the connection every time you call a web method on the API, would it be possible to open a single connection and close it upon completion or error? The reason I am asking is because the current method generates a lot of login / logout for, from my perspective, no real reasons. What do you think? Thanks, Lyonel
TrevorKillick Posted September 22, 2016 Posted September 22, 2016 Hi Lyonel There is no login / out as we use API keys once the first API call establishes a session a session cookie is set and used throughout the process. When we enable HTTP/2.0 on our API endpoint the process will automatically create one HTTP connection and use this though out the import. Can you let me know why login / logouts you are noticing? Kind Regards Trevor Killick
Lyonel Posted September 29, 2016 Author Posted September 29, 2016 Sure (sorry you saw you reply today only!) See below a Wire shark trace I ran whilst I was running the interface. Also, looking at the source code on github, I believe (although not an export in Go) that you do loop for each user onto a method in which you login/logout? processUsers then call in another loop updateUser: and finally in updateUser, you reset the connection every time, no?
TrevorKillick Posted September 29, 2016 Posted September 29, 2016 Hi @Lyonel We create a new connection in Go Lang inside the loop for concurrency so this can run in parallel, when we create a new connection there is no login what happens here is we call admin::userUpdate and pass the API key in the payload, the Server checks this API and sees that we already have a valid session (This would have been created when the first API call hits carrying the API Key and is valid for a certain amount of time), and allows the API call to process. So we do create a new XMLMC Class every time the loop runs but this does not call an additional Login / Logouts, due to our XMLMC endpoint not yet supporting HTTP/2.0 it will use multiple TCP/IP connections while doing this, once we enable HTTP/2.0 in the future this will all get pipelined down 1 TCP/IP connection. Kind Regards Trevor Killick
Lyonel Posted September 29, 2016 Author Posted September 29, 2016 Ah! For some reason I thought you did support HTTP/2.0 which is why I was mislead. My bad Great explanation though @TrevorKillick, thanks so much for your time and patience.
TrevorKillick Posted September 29, 2016 Posted September 29, 2016 Hi @Lyonel Oddly enough we did for about 3 days then we noticed an issue with out iOS Applications and had to revert back. Not a problem, alway nice for a customer to dive into our Open Source Tools and question our methodology. Kind Regards Trevor Killick
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now