Verdaccio generates lots of authentication requests to LDAP #37

Closed
rankun203 opened this issue Jun 22, 2018 · 7 comments

rankun203 commented Jun 22, 2018

and possibly crashes LDAP.

I'm currently investigating an issue that causes our npm-registry to stop working.

At first sight, it's LDAP that stopped working; as you can see in this issue, it failed with a `too many open files` error.

If we use `yarn add <package>`, then everything is fine, but if we use `npm install`, the registry server is constantly requesting the LDAP server and finally, at some point, the LDAP server crashes.

I had to restart the LDAP server twice to let npm install a package.

Possible reasons:

  • Registry server logs have a lot of warnings

    warn --- basic authentication is deprecated, please use JWT instead
    

    I'm thinking that if JWT is used, the registry server needs only one request to the LDAP server, while logging the user in with npm adduser (maybe).

  • I have cache: True set in the LDAP settings (it was False, I'm testing with True), maybe it's not working.

  • Our OpenLDAP server is too weak to handle that many requests (config issue).

@rankun203 rankun203 changed the title Registry generates lots of authentication requests to LDAP Verdaccio generates lots of authentication requests to LDAP Jun 22, 2018
@juanpicado
Contributor

Refers to verdaccio/verdaccio#732

@rankun203
Author

@juanpicado I'm a little curious how JWT works in Verdaccio and its plugins? I thought it's perfect for distributed authentication. Also, I noted Verdaccio is warning about not using JWT, so I guess Verdaccio may support some feature about it.

@juanpicado
Contributor

@rankun203 we are working on normalizing the Token Authentication. verdaccio/verdaccio#168 (comment)

Remember this project was never documented and was really, really hard to maintain; nowadays that is not a problem anymore, but some spots are still WIP, and token is one of them. JWT will soon be the main feature to be implemented.

@kopax
Contributor

kopax commented Jul 6, 2018

Hi @juanpicado, I am still looking forward to re-using the LDAP plugin when I get time to work on it.

I don't really get how #168 can help with the authentication spam to the backend service.

How will JWT solve that? What's the status?

Also, what is the opinion of @Alexandre-io about it? How did you manage to use this plugin in real life? We were only having LDAP not handling one request and failing the npm install command...

@juanpicado
Contributor

juanpicado commented Jul 6, 2018

#168 won't solve that issue. It was just a comment about the current roadmap. Status is in backlog at the moment.

Alexandre-io added a commit that referenced this issue Jul 24, 2018
feat(authCache): added auth cache to fix #37 #39 #35 #33
@Alexandre-io Alexandre-io reopened this Jul 24, 2018
@Alexandre-io
Owner

Can you give me your feedback with verdaccio 3.3.0 and verdaccio-ldap 2.3.0? thx
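
The load pattern reported in this thread (a burst of registry requests each triggering an LDAP authentication) and one way an auth cache can absorb it, as an added example that is not verdaccio-ldap's code. `AuthCache`, `backendAuth` (a stand-in for the LDAP bind) and the TTL value are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Hypothetical wrapper (not verdaccio-ldap's API). backendAuth stands in for
// the LDAP bind: async (user, password) => groups[], rejecting on bad credentials.
class AuthCache {
  constructor(backendAuth, { ttlMs = 300000, now = Date.now } = {}) {
    this.backendAuth = backendAuth;
    this.ttlMs = ttlMs;
    this.now = now;
    // Per-process HMAC key: the cache stores a keyed digest, never the password.
    this.key = crypto.randomBytes(32);
    this.entries = new Map();  // user -> { digest, groups, expires }
    this.inflight = new Map(); // user:digest -> pending Promise
    this.backendCalls = 0;     // counter so the effect is observable
  }

  digest(user, password) {
    return crypto.createHmac('sha256', this.key)
      .update(`${user}\0${password}`).digest();
  }

  async verify(user, password, digest) {
    this.backendCalls++;
    const groups = await this.backendAuth(user, password);
    // Only successes are cached; a failed bind is never remembered.
    this.entries.set(user, { digest, groups, expires: this.now() + this.ttlMs });
    return groups;
  }

  authenticate(user, password) {
    const digest = this.digest(user, password);
    const hit = this.entries.get(user);
    if (hit && hit.expires > this.now() &&
        crypto.timingSafeEqual(hit.digest, digest)) {
      return Promise.resolve(hit.groups);
    }
    // Coalesce a burst of identical requests into one backend call.
    const flightKey = `${user}:${digest.toString('hex')}`;
    let pending = this.inflight.get(flightKey);
    if (!pending) {
      pending = this.verify(user, password, digest)
        .finally(() => this.inflight.delete(flightKey));
      this.inflight.set(flightKey, pending);
    }
    return pending;
  }
}
```

A cached entry keeps authenticating until its TTL expires even if the account is disabled or its password is changed in LDAP, so the TTL bounds how long a revoked credential still works. Wrong passwords always reach the backend here, so LDAP-side lockout and rate limiting still apply to guessing attempts.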

@kopax
Contributor

kopax commented Sep 19, 2018

Did anyone succeed in activating the cache with the latest version?
