Currently, when using public groups we are loading all the system users to memory. Depending on the number of users in the system this may be highly inefficient. We should try replacing the logic and use instead the sessions available at the moment.
See also for roster management concerns related to shared groups and group caching.
Passed basic sniff test (build/deploy) ... marking resolved pending further community feedback/testing.
After trying to upgrade Openfire 3.7.1 -> 3.8.0, it seems that this performance patch introduced a new bug when using hybrid authentication (MySQL + LDAP/readonly). The users can't see their group co-members anymore. User/group mapping is performed by LDAP whilst group policies are held in MySQL DB (table ofGroupProp); and there are 3 rows for each group like..:
If the group shall not be visible, there's a propValue "nobody" indicating this. This works fine with 3.7.1 even for hundreds of groups although the performance suffers a bit. But is there anything wrong with this philosophy?
Thanks for your advice in advance,
Hi Filip -
Yes, we inadvertently dropped support for shared groups in the read-only providers (including LDAP). This has been fixed in the latest nightly build and will be included with 3.8.1.
Refer to for more details.