Re: Performance critical technical key - Mailing list pgsql-general
| From | Pierre-Frédéric Caillaud |
|---|---|
| Subject | Re: Performance critical technical key |
| Date | |
| Msg-id | opscnqyoeccq72hf@musicbox Whole thread Raw |
| In response to | Performance critical technical key (Geoff Caplan <geoff@variosoft.com>) |
| Responses |
Re: Performance critical technical key
|
| List | pgsql-general |
You could use apache mod_auth_tkt :
http://www.openfusion.com.au/labs/mod_auth_tkt/
Its main advantage is that it'll authentify a user, hence your script
gets the user ID, which you can use as a key in your session table for
instance.
Cut & paste for the lazies :
mod_auth_tkt is a lightweight cookie-based authentication module for
Apache 1.3.x, written in C. It implements a single-signon framework that
works across multiple apache instances and multiple machines. The actual
authentication is done by a user-supplied CGI or script in whatever
language you like (examples are provided in Perl), meaning you can
authenticate against any kind of user repository you can access (password
files, ldap, databases, etc.)
mod_auth_tkt supports inactivity timeouts (including the ability to
control how aggressively the ticket is refreshed), the ability to include
arbitrary user data within the cookie, configurable cookie names and
domains, and token-based access to subsections of a site.
mod_auth_tkt works by checking incoming Apache requests for a (user-
defined) cookie containing a valid authentication ticket. The ticket is
checked by generating an MD5 checksum for the username and any (optional)
user data from the ticket together with the requesting IP address and a
shared secret available to the server. If the generated MD5 checksum
matches the ticket's checksum, the ticket is valid and the request is
authorised. Requests without a valid ticket are redirected to a
configurable URL which is expected to validate the user and generate a
ticket for them. This package includes both a sample C executable and a
Perl module for generating the cookies; implementations for other
environments should be relatively straightforward.
> Hi folks
>
> I'm designing a table to be used for web session management. If all
> goes well with the project, the table should have 100,000+ records and
> be getting hammered with SELECTS, INSERTS and UPDATES.
>
> The table will need a technical key. The question is, what is the most
> efficient way to do this?
>
> a) Generate a random 24 character string in the application. Very
> quick for the INSERTs, but will the longer key slow down the the
> SELECTs and UPDATES?
>
> b) Use a sequence. Faster for the SELECTS and UPDATES, I guess, but
> how much will the sequence slow down the INSERTS on a medium sized
> record-set?
>
> There will probably be 6-8 SELECTs & UPDATEs for each INSERT.
>
> I appreciate that I could set up some tests, but I am under the hammer
> time-wise. Some rule-of-thumb advice from the list would be most
> welcome.
>
> ------------------
> Geoff Caplan
> Vario Software Ltd
> (+44) 121-515 1154
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
>
pgsql-general by date: