Authentication using user_external modules can be costly, especially in case of a remote authenticating server addressed over Internet. It might be beneficial in such setup to cache the fact that a specific pair ($uid,$passord) was recently checked and is valid. Of course, such caching should be disabled by default, and the default cache validity time should be low enough (say, 1 minute).
Authentication using user_external modules can be costly, especially in case of a remote authenticating server addressed over Internet. It might be beneficial in such setup to cache the fact that a specific pair ($uid,$passord) was recently checked and is valid. Of course, such caching should be disabled by default, and the default cache validity time should be low enough (say, 1 minute).