May 11, 2004

OpenLDAP proxy cache

Trying to get OpenLDAP 2.2.11 on SHANTI to act as a proxy caching server.

Some things so far:

  • The queries are very limited: for a query to hit the cache, it has to be exactly the same query with either the same attributes requested or a subset of those attributes.
  • If a query is going to be cached, it has to have a proxy attribute set (proxyattrset) of exactly the attributes that are requested — not a subset (that is, you must have a set for mail by itself as well as cn and mail).

I’ve gotten as far as having slapd recognize that a query is cacheable, but there seems to be an error on insert into the cache database, using both BDB and LDBM. The second query (exactly the same, as far as I can tell) yields a “32 No such object” result. That’s what I’m currently working on.

——

The problem seems to be in granting write access to the BDB or LDBM backend. I’ve not found any indications on how to solve this problem, however.

——

AHA! If we set a rootdn and a rootpw for the ldap database (doesn’t have to be anything related to what’s in Sun ONE), then it can suddenly write to the local cache backend. Would that this were documented somewhere…

Posted by Rowan Littell at May 11, 2004 04:53 PM
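
A slapd.conf fragment for the setup the post arrives at, added here as an illustration and not taken from the author's configuration. Directive names follow the OpenLDAP 2.2 proxycache overlay documentation as an assumption; the host name, suffix, rootdn, directory path, filter template and the `{SSHA}` value are placeholders.

```conf
# Added example: proxy cache in front of a remote directory (all values are placeholders).
database    ldap
suffix      "dc=example,dc=com"
uri         ldap://directory.example.com/

# Per the post, cache inserts fail until the ldap database has a rootdn and
# rootpw. The identity is local to this slapd and need not exist upstream.
# Store a hash generated with slappasswd, not a cleartext password, and keep
# slapd.conf readable only by the account slapd runs as.
rootdn      "cn=cache-admin,dc=example,dc=com"
rootpw      {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

overlay     proxycache
# proxycache <backend> <max entries> <number of attrsets> <entry limit> <check period, s>
proxycache  bdb 10000 2 1000 100

# One attribute set per exact list of requested attributes: a search asking
# only for mail needs its own set, separate from one asking for cn and mail.
proxyattrset 0 mail
proxyattrset 1 cn mail

# Each cacheable filter shape is bound to an attribute set index and a TTL (s).
proxytemplate (uid=) 0 3600
proxytemplate (uid=) 1 3600

# Settings for the local cache backend named on the proxycache line.
directory   /var/lib/ldap/proxy-cache
index       objectClass eq
index       uid,cn,mail eq
```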