Problem with GeoFence roles checking

Description

When request a GetCapabilities with a user who have different roles (tested with 3, not admin) on the main wfs/wms URL (/geoserver/wfs), It took a very long time to generate the response (~10minutes).

If I set VERBOSE_MODE, I see in the log that for a single user, GeoFence seems to request LDAP for user and user's role a huge amount of time (cf attached file).

With tcpdump, I see a huge traffic on port 636 (ldaps) when requesting getcap document.

I think there is a huge problem with GeoFence access right checking as it took 10 minutes for a simple GetCapabilities.

Environment

Debian 9, Oracle JAVA 8
External OpenLDAP server configured as User, groups and roles service.
17 workspaces, 218 layers, 54 geofence's rules
On LDAP : 836 users and 124 roles

Status

Assignee

Unassigned

Reporter

Julien SABATIER

Triage

None

Fix versions

None

Affects versions

Components

Priority

High
Configure