[ejabberd] High server load with few users and external auth - isuser requests

Jens jens at sitedeveloper.de
Thu Apr 24 16:55:01 MSD 2008

Hello list members,

I'm currently developing a messenger for a social network and use
ejabberd as a backend server.
The client application resides in the users session at the server side.
Communication is done via http-polling, because we cannot store socket
handles in a session.
So the rough picture is:
Client <-> Webserver <-> ejabberd

I use the current version of ejabberd from process-one.net:

I currently use a PHP script with the external auth method to automate
and simplify the login mechanism.
The script works fine and does its job as far as I can judge. To the end
user this system works fine.

A few days ago I noticed, that the beam.smp process uses both cpu cores
to over 70% for many minutes which made me perplex, because we are
currently in a pre-alpha stage and are testing the system with about 122
chosen users (the number of online users is about 30 in the average).
The average roster item count for each user is approximately 280 items.
At the final stage I plan to have more than 10000 users online at a

As I tried to find out, why there is such a high load with such few
users, I noticed, that the external auth script was flooded with
isuser-requests. When the load dropped, the isuser-requests also
So I thought, that I could solve the Problem by looking for the related
part in the ejabberd source code and patching it there so that the
isuser-requests never reach the extauth-script to improve performance.
I think, that I found the right place in extauth.erl:

===== snip =====
is_user_exists(User, Server) -> 
     call_port(Server, ["isuser", User, Server]).
===== snap =====

Because our client application runs on server side and the user has no
way to directly communicate with ejabberd it is safe to return true for
every isuser-request (which is the same thing, that the extauth-script
does anyway). So I altered the function to:

===== snip =====
is_user_exists(User, Server) -> true.
===== snap =====

After that change, the load dropped a bit (to about 50% per core), but
not to a level where I could safely decide to let over thousand users
use the system.

That is the reason why I am writing to this list.

Could someone shed some light on this issue please?
Is that something I should not mind because it is normal behaviour, or
did I something badly wrong?

I'm not sure whether this is important but I implemented a filter for
usernames that denies the use of the system for usernames that contain
the following characters (according to RFC 3920, A.5.):

===== snip =====
   In addition, the following Unicode characters are also prohibited:

      #x22 (")
      #x26 (&)
      #x27 (')
      #x2F (/)
      #x3A (:)
      #x3C (<)
      #x3E (>)
      #x40 (@)
===== snap =====

Additionally, if I remember correct, this issue did not appear with
ejabberd version 1.1.3.

If you think I left out some crucial information, please tell me and I
will hand it in ASAP.
I'm looking forward to your replies.

Many thanks in advance and kind regards

More information about the ejabberd mailing list