Virtual Attribute
ChallengeThere are many situations where storing particular information in the longer term does not make much sense. If information is disposable, such as in the case of a session identifier, it is unlikely that you really want to store this in your LDAP directory or database. Firstly, it creates unnecessary processing and network overhead across a tiered infrastructure. Then you have the additional problem of heavy disk usage, for regular reads, robbing you of I/O bandwidth for more important tasks. If you're synchronizing, this gets even uglier, with changes constantly being replicated across your LDAP infrastructure.
Solution
With Symlabs Virtual Directory Server or LDAP Proxy in place, you can take advantage of the In Memory Attribute plugin, which allows you to store attributes in memory without passing them to the backend servers. This can come in handy if you have high write load to specific attributes that are short-lived (i.e. session IDs, or similar transitory attributes), as it will greatly improve the overall performance of your deployment.
The attribute values are stored in memory for the running process. In this way, they are only stored during the lifetime of the running process.
The Memory Attribute plugin also provides an optional time-to-live (TTL) setting for attribute values. If set, this value notifies the plugin that the value of the shadow attribute should only be returned if it has been used (read or written) during the interval defined by this value, so that the value is effectively automatically removed after it has not been used for the number of seconds specified. This optional feature has been designed particularly for session IDs or similar data.
If you are looking for a mechanism to store specific attributes outside of the current backend LDAP directory,
and wish the storage for these values to be persistent (i.e. survive a restart), you can use the Join Entries
plugin, in conjunction with an alternate backend, instead.