Poor performance due to LDAP cache with incorrect key
Problem
Performance is poor due to a large LDAP user base and a modified LDAP key name.
Diagnosis
In <confluence-home>/confluence/WEB-INF/classes/atlassian-user.xml
, the LDAP key has been changed from ldapRepository
. This is typical when configured for multiple LDAP repositories.
Prior to Confluence 3.0
The caches are configured in confluence-coherence-cache-config.xml
(or confluence-coherence-cache-config-clustered.xml
for clustered instance) which is stored in confluence/WEB-INF/classes/lib/confluence-x.x.x.jar (x.x.x is the Confluence version number). That file will contain an LDAP cache like this:
<cache-mapping>
<cache-name>com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.ldapRepository.users</cache-name>
<scheme-name>user</scheme-name>
</cache-mapping>
Confluence 3.0 to 5.5
The caches are configured in ehcache.xml (for standard editions) or confluence-coherence-cache-config-clustered.xml (for clustered editions) which is stored in <confluence-home>/config/. The clustered cache will look like what's described in the section above. The section to be renamed in ehcache is here:
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPGroupManagerReadOnly.ldapRepository.groups" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPGroupManagerReadOnly.ldapRepository.groups_getGroupsForUser" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPGroupManagerReadOnly.ldapRepository.groups_hasMembership" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPGroupManagerReadOnly.ldapRepository.repositories" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.ldapRepository.users" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.ldapRepository.groups_getGroupsForUser" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.ldapRepository.repository" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
<!-- --><cache name="com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.ldapRepository.users_ro" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="300" timeToLiveSeconds="0" overflowToDisk="false" />
Confluence 5.6 and later
The caches are configured in <confluence-home>/shared-home/config/cache-settings-overrides.properties
for Confluence Server (standard) or <confluence-shared-home>/config/cache-settings-overrides.properties
for Confluence Data Center (clustered).
The section to be renamed in cache-settings-overrides.properties
is the same as the ehcache example above.
Cause
The cache-name does not correspond to the LDAP key.
Resolution
Rename ldapRepository
to your LDAP key name. If you are using a version prior to 3.0 Extracting and placing the XML file in /WEB-INF/classes/ will override the configuration file in the JAR file. For those using 3.0 and greater a direct edit of file in <confluence-home>/config/
will be sufficient. See Cache Performance Tuning for details on configuring this cache. Also review
CONFSERVER-14864
-
Getting issue details...
STATUS
for a related suggestion.