View Issue Details

IDProjectCategoryView StatusLast Update
0026622mantisbtldappublic2020-04-02 06:35
Reporterdregad Assigned Todregad  
Status closedResolutionfixed 
Target Version2.23.1Fixed in Version2.23.1 
Summary0026622: LDAP API does not cache realname information

The LDAP API only implements caching on e-mail data, but not on realname.

Consequently, Mantis makes numerous, unnecessary LDAP searches to retrieve the same data over and over again, which can have a serious performance impact as described in 0026600.

Moreover, since email and realname information are retrieved separately, it doubles the number of LDAP queries when the system is configured to display realnames.

LDAP API needs to be optimized to properly cache information, and only access the LDAP server once per user.

TagsNo tags attached.


parent of 0026600 closeddregad Performance loss after update from 2.20.0 to 2.23.0 
related to 0026841 new Very bad performance with $g_use_ldap_email = ON 




2020-01-23 12:06

developer   ~0063501




2020-01-24 02:12

developer   ~0063506

I just realized that I had actually started working on tihis, back in 2011 (!) while I was still working at Merck... Then I moved on and stopped using LDAP / ADFS for auth so I never actually finalized the work. Looking at those nearly 10 years old commits, It is somewhat reassuring to find out that I reinvented nearly the same wheel this time around ;-)

Related Changesets

MantisBT: master-2.23 709fb78e

2020-01-23 11:32:07


Details Diff
Reduce number of LDAP searches

Prior to this, retrieving user information required 1 LDAP search each
time a user was referenced on a page (possibly 2 if Mantis is configured
to show the realname). This could have a significant performance impact
when displaying pages containing a large number of users (e.g. viewing
an Issue having a long history, as described in issue 0026600).

Implement a new ldap_cache_user_data() function to retrieve all needed
LDAP attributes in a single search, and cache them.

This way, we only need to query the LDAP server once per user,
subsequent calls only need to access the cache which drastically
improves performance.

Fixes 0026622, 0026600
Affected Issues
0026600, 0026622
mod - core/ldap_api.php Diff File