Taking advantage of LDAP auth to serve 1000+ unique customers with individual resource limits.

Aleksei Member Posts: 14

The problem:
Company customer base is above 1000 client username limit of Standard edition broker. There is also a need to limit the number of connections/resources per unique customer.
The solution to username limit:
By setting up LDAP authorization, the broker will match directory entry with the client entered username. It will extract group membership and match it to client profile preconfigured for that LDAP group. A client username will get generated dynamically for the duration of a connection and will be removed after a session is disconnected. Matched client profile can set individual "per client username" resource limits. I.E. three device connections per unique customer.
This way a large base of customers can use a single instance up to its concurrent connection limit. What about increasing this connection limit?
The solution to the connection limit:
A single abbreviation for the solution - DMR. Using Dynamic Message Routing combined with a load balancer, host list session settings or simply round robbing the hostnames/IPs on the client until connected. This will allow a single "logical" VPN to spread across physical nodes and increase your connection limits.


  • marc
    marc Member, Administrator, Moderator, Employee Posts: 877 admin

    Awesome @Aleksei.
    Welcome to the Solace Community and thanks for sharing some great tips as part of your first post!

    I'd love to hear more about what you're using the solace event brokers for :)


  • Aleksei
    Aleksei Member Posts: 14

    Thank you for warm welcome @marc !
    I've been a user of Solace brokers for about 5 years now. It was already an impressive product back then and second to none, I'm glad it is still the case and just gets better.
    I mostly worked with Solace brokers powering flow of financial data streams in trading companies. Like feeding trading platforms with quotes and executions, trading gateways, real-time risk management, monitoring, statistics, various other backend systems and widgets.
    I used pretty much every feature it has to offer over the years and learned that it is easier to convince somebody that their problem can be solved using it rather explaining all the things that it can do.

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 877 admin

    Haha, yes, there is definitely a laundry list of features and it helps when you can zoom in on solving a certain problem.
    I'm glad you've had a great experience with the product over the years and look forward to the next insight that you share :)

  • himanshu
    himanshu Member, Employee Posts: 67 Solace Employee

    Thanks for sharing this @Aleksei ! Nice to have an experienced user like you here!