Browseable session backend (<ahref="https://metacpan.org/pod/Apache::Session::Browseable"class="urlextern"title="https://metacpan.org/pod/Apache::Session::Browseable"rel="nofollow">Apache::Session::Browseable</a>) works exactly like Apache::Session::* corresponding module but add index that increase <ahref="documentation/features.html#session_explorer"class="wikilink1"title="documentation:features">session explorer</a> and <ahref="documentation/features.html#session_restrictions"class="wikilink1"title="documentation:features">session restrictions</a> performances.
If you use features like <abbrtitle="Security Assertion Markup Language">SAML</abbr> (authentication and issuer), <abbrtitle="Central Authentication Service">CAS</abbr> (issuer) and password reset self-service, you also need to index some fields.
</p>
<divclass="noteclassic">Without index, <abbrtitle="LemonLDAP::NG">LL::NG</abbr> will have to retrieve all sessions stored in backend and parse them to find the needed sessions. With index, <abbrtitle="LemonLDAP::NG">LL::NG</abbr> wil be able to get only wanted sessions from the backend.
</div>
<p>
The following table list fields to index depending on the feature you want to increase performance:
See Apache::Session::Browseable::* man page to see how use indexes.
</p>
<divclass="noteimportant"><em>WHATTOTRACE</em> must be replaced by the attribute or macro configured in the What To Trace parameter (REMOTE_USER). By default: <strong>_whatToTrace</strong>
</div><divclass="notetip">It is advised to use separate session backends for standard sessions, <abbrtitle="Security Assertion Markup Language">SAML</abbr> sessions and <abbrtitle="Central Authentication Service">CAS</abbr> sessions, in order to manage index separately.
</div><divclass="noteclassic">Documentation below explains how set index on ipAddr and _whatToTrace. Adapt it to configure the index you need.
You can use Redis and set up the database like explained in <ahref="nosqlsessionbackend.html"class="wikilink1"title="documentation:2.0:nosqlsessionbackend">Redis session backend</a>.
</p>
<p>
You then just have to add the <code>Index</code> parameter in <code>General parameters</code> » <code>Sessions</code> » <code>Session storage</code> » <code>Apache::Session module</code> :
<divclass="noteclassic">This documentation concerns PostgreSQL. Some adaptations are needed with other databases. When using Apache::Session::Browseable::Postgres, it is strongly recommended to use version 1.3.1 at least. See <ahref="https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1732"class="urlextern"title="https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1732"rel="nofollow">bug 1732</a>.
Database must be prepared exactly like in <ahref="sqlsessionbackend.html#prepare_the_database"class="wikilink1"title="documentation:2.0:sqlsessionbackend">SQL session backend</a> except that a field must be added for each data to index.
<divclass="noteimportant">Data written to UNLOGGED tables is not written to the WAL, which makes them considerably faster than ordinary tables. However, they are not crash-safe: an unlogged table is automatically truncated after a crash or unclean shutdown. The contents of an unlogged table are also not replicated to standby servers. Any indexes created on an unlogged table are automatically unlogged as well.
“id” fieds is set to <code>varchar(64)</code> (instead of char(32)) to use the now recommended SHA256 hash algorithm. See <ahref="documentation/latest/sessions.html"class="wikilink1"title="documentation:latest:sessions">Sessions</a> for more details.
</p>
<divclass="notetip">With new Apache::Session::Browseable::<strong>PgHstore</strong> and <strong>PgJSON</strong>, you don't need to declare indexes in <code>CREATE TABLE</code> since “json” and “hstore” type are browseable. You should anyway add some indexes <em>(see manpage)</em>.
Go in the Manager and set the session module (<ahref="https://metacpan.org/pod/Apache::Session::Browseable::MySQL"class="urlextern"title="https://metacpan.org/pod/Apache::Session::Browseable::MySQL"rel="nofollow">Apache::Session::Browseable::MySQL</a> for MySQL) in <code>General parameters</code> » <code>Sessions</code> » <code>Session storage</code> » <code>Apache::Session module</code> and add the following parameters (case sensitive):
Go in the Manager and set the session module to <code>Apache::Session::Browseable::LDAP</code>. Then configure the options like in <ahref="ldapsessionbackend.html"class="wikilink1"title="documentation:2.0:ldapsessionbackend">LDAP session backend</a>.
</p>
<p>
You need to add the <code>Index</code> field and can also configure the <code>ldapAttributeIndex</code> field to set the attribute name where index values will be stored.
<thclass="col0 centeralign"> Name </th><thclass="col1 centeralign"> Comment </th><thclass="col2 centeralign"> Example </th>
</tr>
</thead>
<trclass="row2 roweven">
<tdclass="col0 centeralign"><strong>ldapServer</strong></td><tdclass="col1"><abbrtitle="Uniform Resource Identifier">URI</abbr> of the server </td><tdclass="col2"> ldap://localhost </td>
</tr>
<trclass="row3 rowodd">
<tdclass="col0 centeralign"><strong>ldapConfBase</strong></td><tdclass="col1"><abbrtitle="Distinguished Name">DN</abbr> of sessions branch </td><tdclass="col2"> ou=sessions,dc=example,dc=com </td>
<thclass="col0 centeralign"> Name </th><thclass="col1 centeralign"> Comment </th><thclass="col2 centeralign"> Default value </th>
</tr>
<trclass="row9 rowodd">
<tdclass="col0 centeralign"><strong>ldapObjectClass</strong></td><tdclass="col1"> Objectclass of the entry </td><tdclass="col2"> applicationProcess </td>
</tr>
<trclass="row10 roweven">
<tdclass="col0 centeralign"><strong>ldapAttributeId</strong></td><tdclass="col1"> Attribute storing session ID </td><tdclass="col2"> cn </td>
You can also use different user/password for your servers by overriding parameters <code>globalStorage</code> and <code>globalStorageOptions</code> in lemonldap-ng.ini file.