Browseable session backend (Apache::Session::Browseable) works exactly like Apache::Session::* corresponding module but add index that increase session explorer and session restrictions performances.
If you use features like SAML (authentication and issuer), CAS (issuer) and password reset self-service, you also need to index some fields.
The following table list fields to index depending on the feature you want to increase performance:
Feature | Fields to index |
---|---|
Database cleaup (cron) | _session_kind _utime |
Session explorer | _session_kind ipAddr WHATTOTRACE |
Session explorer (persistent sessions) | _session_kind _session_uid |
Session restrictions | _session_kind ipAddr WHATTOTRACE |
See Apache::Session::Browseable::* man page to see how use indexes.
You can use Redis and set up the database like explained in Redis session backend.
You then just have to add the Index
parameter in General parameters
» Sessions
» Session storage
» Apache::Session module
:
Required parameters | ||
---|---|---|
Name | Comment | Example |
server | Redis server | 127.0.0.1:6379 |
Index | Index | _whatToTrace ipAddr |
Database must be prepared exactly like in SQL session backend except that a field must be added for each data to index.
Apache::SESSION::Browseable::Postgres example: <code sql> CREATE UNLOGGED TABLE sessions ( id VARCHAR(64) NOT NULL PRIMARY KEY, a_session text, _whatToTrace text, _session_kind text, _utime BIGINT, ipAddr text ); CREATE INDEX uid1 ON sessions USING BTREE (_whatToTrace); CREATE INDEX s1 ON sessions (_session_kind); CREATE INDEX u1 ON sessions (_utime); CREATE INDEX ip1 ON sessions USING BTREE (ipAddr);
“id” fieds is set to varchar(64)
(instead of char(32)) to use the now recommended SHA256 hash algorithm. See Sessions for more details.
CREATE TABLE
since “json” and “hstore” type are browseable. You should anyway add some indexes (see manpage).
Go in the Manager and set the session module (Apache::Session::Browseable::MySQL for MySQL) in General parameters
» Sessions
» Session storage
» Apache::Session module
and add the following parameters (case sensitive):
Required parameters | ||
---|---|---|
Name | Comment | Example |
DataSource | The DBI string | dbi:Pg:database=sessions |
UserName | The database username | lemonldapng |
Password | The database password | mysuperpassword |
Index | Index | _whatToTrace ipAddr _session_kind _utime |
For databases like PostgreSQL, don't forget to add “Commit” with a value of 1
Go in the Manager and set the session module to Apache::Session::Browseable::LDAP
. Then configure the options like in LDAP session backend.
You need to add the Index
field and can also configure the ldapAttributeIndex
field to set the attribute name where index values will be stored.
Required parameters | ||
---|---|---|
Name | Comment | Example |
ldapServer | URI of the server | ldap://localhost |
ldapConfBase | DN of sessions branch | ou=sessions,dc=example,dc=com |
ldapBindDN | Connection login | cn=admin,dc=example,dc=password |
ldapBindPassword | Connection password | secret |
Index | Index list | _whatToTrace ipAddr |
Optional parameters | ||
Name | Comment | Default value |
ldapObjectClass | Objectclass of the entry | applicationProcess |
ldapAttributeId | Attribute storing session ID | cn |
ldapAttributeContent | Attribute storing session content | description |
ldapAttributeIndex | Attribute storing index | ou |
Restrict network access to the backend.
You can also use different user/password for your servers by overriding parameters globalStorage
and globalStorageOptions
in lemonldap-ng.ini file.
Here are some recommended configurations:
Browseable::Postgres:
CREATE UNLOGGED TABLE sessions ( id VARCHAR(64) NOT NULL PRIMARY KEY, a_session text, _whatToTrace text, _session_kind text, _utime BIGINT, ipAddr VARCHAR(64) ); CREATE INDEX uid1 ON sessions USING BTREE (_whatToTrace text_pattern_ops); CREATE INDEX _s1 ON sessions (_session_kind); CREATE INDEX _u1 ON sessions (_utime); CREATE INDEX ip1 ON sessions USING BTREE (ipAddr)
Browseable::MySQL:
CREATE TABLE sessions ( id VARCHAR(64) NOT NULL PRIMARY KEY, a_session text, _whatToTrace VARCHAR(64), _session_kind VARCHAR(15), _utime BIGINT ); CREATE INDEX uid1 ON sessions (_whatToTrace) USING BTREE; CREATE INDEX _s1 ON sessions (_session_kind); CREATE INDEX _u1 ON sessions (_utime); CREATE INDEX ip1 ON sessions (ipAddr) USING BTREE;