diff options
author | Ed Tanous <edtanous@google.com> | 2021-05-10 07:51:31 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2023-07-28 19:26:28 +0300 |
commit | 8ed41c35a314580bb794fa0fff2e01b0bf7efcf7 (patch) | |
tree | 414c891a4b384b8b008059c0f501ec90c4382484 /src | |
parent | 3a34b742207414e20eb928e982b7c217789e89d5 (diff) | |
download | bmcweb-8ed41c35a314580bb794fa0fff2e01b0bf7efcf7.tar.xz |
Cache user role in session object
There is an async call within the router that leads to a small, but
pervasive performance issue for all queries. Removing that call from the
router has the potential to increase the performance of every
authenticated query, and significantly reduce our dbus traffic for
"simple" operations.
This commit re-implements the role cache in session object that existed
previously many years ago. Each users role is fetched during
authentication and persisted in session object. Each successive request
can then be matched against the privilege which is there in the
in-memory session object.
This was discussed on below commit
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/39756
Tested by:
```
POST /redfish/v1/SessionService/Sessions {"UserName":"root", "Password": “0penBmc”}
```
Followed by redfish queries
Get /redfish/v1/AccountService
Tested user role persistency
Redfish service validator passes.
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I575599c29358e32849446ce6ee7f62c8eb3885f6
Diffstat (limited to 'src')
-rw-r--r-- | src/webserver_main.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp index 67e2aaef04..34fe18f07d 100644 --- a/src/webserver_main.cpp +++ b/src/webserver_main.cpp @@ -18,6 +18,7 @@ #include "security_headers.hpp" #include "ssl_key_handler.hpp" #include "user_monitor.hpp" +#include "user_role_map.hpp" #include "vm_websocket.hpp" #include "webassets.hpp" @@ -143,6 +144,9 @@ static int run() crow::hostname_monitor::registerHostnameSignal(); #endif + // Init the user role map + crow::UserRoleMap::getInstance(); + bmcweb::registerUserRemovedSignal(); app.run(); |