Performance issues

I built a privacyidea system, mainly to do radius authentication. In
use, we found privacyidea concurrent processing performance is not high.
We did a test to determine its performance. We wrote a python script to
test the users in sqlresolver, PIN code is privacyidea PIN code, and
launched more than 40 cases privacyidea authentication request can not be
processed will appear. Test users in ldapresolver, PIN code is the password
of ldap, and initiate more than 30 cases privacyidea authentication request
can not be processed will appear.
We suffered in an attack in the use of the authentication system
basically paralyzed. We want to know that you can improve performance by
privacyidea any other way.
thanks!

Hello Lei,

unfortunately I do not get your issue right.
Are you sending 40 requests or are you getting 40 timeouts?
How many concurrent requests are you sending?
What is your setup?

Also performance depends on many factors on your network. This is
difficult to discuss here.
To my knowledge you are running a modified version of privacyIDEA. What
are these implications?

I built a privacyidea system, mainly to do radius authentication.

In use, we found privacyidea concurrent processing performance is not
high.
We did a test to determine its performance. We wrote a python
script to test the users in sqlresolver, PIN code is privacyidea PIN
code, and launched more than 40 cases privacyidea authentication
request can not be processed will appear. Test users in ldapresolver,
PIN code is the password of ldap, and initiate more than 30 cases
privacyidea authentication request can not be processed will appear.
We suffered in an attack in the use of the authentication system
basically paralyzed.

You are totally right. You can run a denial of service attack by
flooding every service. You should think about firewall settings :slight_smile:

We want to know that you can improve performance
by privacyidea any other way.
thanks!

This is a matter of a professional consultancy.

Thank you.Am Montag, den 23.05.2016, 02:59 -0700 schrieb lei xiao:


Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/d6c8d68a-acc7-46fa-9ec1-972e2eb209c3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)