Using the /v1/security/roles when the ?source=LDAP can lead to low memory conditions and general performance issues.
In general trying to list all external roles/groups in one operation is not a feasible operation to perform using NXRM APIs when the source is for external directories that contain many roles. Sonatype recommends using native tooling to perform such operations instead - in the case of LDAP servers, using ldapquery tools.
Change the implementation of the role listing API such that calling it will not lead to NXRM general instability and performance issues.
In the case of LDAP specifically, protect against trying to load into memory every external LDAP group.