ldap_cache_enabled for MariaDB Xpand
This page is part of MariaDB's Documentation.
The parent of this page is: System Variables for MariaDB Xpand
Topics on this page:
Overview
In 23.09:
Cache the results returned by LDAP search operations.
In 6.1, 6.0, 5.3:
Not present
See also: System Variables for MariaDB Xpand 23.09, in 6.1, in 6.0, and in 5.3
USAGE
The global value of the ldap_cache_enabled
system variable can be set by executing SET GLOBAL
:
SET GLOBAL ldap_cache_enabled = {true | false};
Using SET GLOBAL
to set the value of a global variable in Xpand causes a change that will persist on restart.
DETAILS
The ldap_cache_enabled
system variable allows to cache the results returned by LDAP search operations (disabled by default).
The LDAP query cache can help reduce load on the LDAP server, as well as reduce login latency if the LDAP server is for whatever reason far away from the Xpand cluster.
This cache is only for LDAP queries and their results, such as what is returned by the queries derived from the global variables ldap_group_query
and ldap_user_lookup_query
Since the raw LDAP query results are what is cached, and not the role mappings themselves, the final roles applied to a new LDAP session can change depending on the current existence of the roles in Xpand and the mapping strategy specified by the ldap_group_to_xpand_role
global variable.
The actual authentication step with the LDAP server still happens every time an LDAP user login happens through Xpand, and is not currently eligible for caching.
A trade-off of using this query cache is that changes to LDAP group membership may not be immediately reflected in the derived Xpand roles. For example, this can happen if the cache still contains a non-expired list of groups for a particular query derived from the global variable ldap_group_query
Each Xpand node has its own LDAP query cache.
Flush Cache
The cache can be flushed manually by running CALL system.ldap_cache_flush()
on the Xpand SQL prompt. Running this on a single node will flush the cache on all nodes.
SYNONYMS
SCHEMA
PARAMETERS
SKYSQL
PRIVILEGES
EXAMPLES
To enable the LDAP query cache:
SET GLOBAL ldap_cache_enabled = true;
To disable the LDAP query cache:
SET GLOBAL ldap_cache_enabled = false;
ERROR HANDLING
FEATURE INTERACTION
RESPONSES
DIAGNOSIS
ISO 9075:2016
CHANGE HISTORY
Release Series | History |
---|---|
23.09 |
|
6.1 |
|
6.0 |
|
5.3 |
|