SP metadata cache keeps growing
Peter Schober
peter.schober at univie.ac.at
Thu Feb 27 16:35:28 EST 2020
* Cantor, Scott <cantor.2 at osu.edu> [2020-02-27 20:49]:
> I have not seen anything resembling that bad a result, so that means
> something's probably really wrong. Maybe the signature step is that
> bad now, but I didn't think so. I know the parsing isn't.
With signature valdidation:
# time systemctl start shibd
real 76m27.798s
2020-02-27 19:39:10 INFO OpenSAML.MetadataProvider : applying metadata filter (Signature)
2020-02-27 20:55:30 INFO OpenSAML.MetadataProvider : applying metadata filter (EntityRoleWhiteList)
Without:
# time systemctl start shibd
real 0m6.974s
2020-02-27 21:29:33 INFO OpenSAML.MetadataProvider : applying metadata filter (RequireValidUntil)
2020-02-27 21:29:33 INFO OpenSAML.MetadataProvider : applying metadata filter (EntityRoleWhiteList)
> If it's the signature, then it's first time mostly. If not, it's every time.
So I guess this is good, as it at least doesn't happen on restarts
when verifyBackup="false" is set.
Still requires setting a rather large timeout for the software to
start the very first time.
-peter
More information about the users
mailing list