Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-25135

/v1/security/roles list roles API not performant against sources with many roles

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.26.1, 3.33.0, 3.36.0
    • Fix Version/s: None
    • Component/s: LDAP, REST
    • Notability:
      3

      Description

      Using the /v1/security/roles when the ?source=LDAP can lead to low memory conditions and general performance issues.

      In general trying to list all external roles/groups in one operation is not a feasible operation to perform using NXRM APIs when the source is for external directories that contain many roles. Sonatype recommends using native tooling to perform such operations instead - in the case of LDAP servers, using ldapquery tools.

      Expected

      Change the implementation of the role listing API such that calling it will not lead to NXRM general instability and performance issues.

      In the case of LDAP specifically, protect against trying to load into memory every external LDAP group.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Joe Tom Joe Tom
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title