Changed
-
Reduce load on LDAP server and cache user groups response in an in-memory cache when RBAC
remote LDAP group to local RBAC role synchronization feature is enabled.Previously on authentication the code would hit LDAP server multiple times to retrieve user
groups. With this change, user LDAP groups are only retrieved once upon authentication and
cached and re-used in-memory by default for 120 seconds.This reduces load on LDAP server and improves performance upon regular and concurrent user
authentication.This functionality can be disabled by setting
cache_user_groups_responseLDAP
authentication backend kwarg tofalse.Note: This change only affects users which utilize RBAC with remote LDAP groups to local RBAC
roles synchronization feature enabled. (enterprise) (bug fix) #4103 #4105
Fixed
-
Fix an issue (race condition) which would result in not all the remote LDAP groups being
synchronized with local RBAC roles if a user tried to authenticate with the same auth token
concurrently in a short time frame.Note: This issue only affects users which utilize RBAC with remote LDAP groups to local RBAC
roles synchronization feature enabled. (enterprise) (bug fix) #4103 #4105 -
Fix an issue with some sensors which rely on
select.poll()(FileWatch, GithubSensor, etc.)
stopped working with StackStorm >= 2.7.0.StackStorm v2.7.0 inadvertently introduced a change which broke a small set of sensors which
rely onselect.poll()functionality. (bug fix) #4118 -
Throw if
idCLI argument is not passed to thest2-track-resultscript. (bug fix) #4115 -
Fixed pack config's not properly rendering Jinja expressions within lists. (bugfix) #4121
Contributed by Nick Maludy (Encore Technologies).
-
Fixed pack config rendering error throw meaningful message when a Jinja syntax error is
encountered. (bugfix) #4123Contributed by Nick Maludy (Encore Technologies).