In my first post in this series, I discussed how and where to set up XML Metadata extraction in an Alfresco WCM environment to optimize Alfresco System Receiver (ASR) performance. Though this is a useful optimization, it’s probably not the #1 most important thing you can optimize. ASRs are designed to enable the retrieval of content, so optimizing that process is going to provide the most impactful results.
One of the major features Alfresco brings to the table as an ECM system is the ability to secure content by user, group, or role (or some combination thereof). As such, when searches are carried out on behalf of a user, results are pruned by default by the Alfresco PermissionService, thus only returning results that the authenticated user has read access to.
In the case of an ASR though, content is typically retrieved by a single calling application using a single login. This very common scenario does not require “pruning” of content that the calling application is trying to retrieve. Avoiding the unnecessary (and expensive) calls to the database for permission checking, particularly as the resulting content set grows in size, would yield significant savings in response time. Therefore, it is very simple in Alfresco to turn off permissions checking via configuration, which will turn off permission checking repository wide. Note that this should be done with extreme care – not all use cases are created the same, so be sure to fully evaluate your specific requirements before taking this action.
In my tests, the response time with permission checking turned off was 33% faster on average over comparative tests for 1, 2, 3, 4, 5, 10, 20, and 110 concurrent users. See beautiful chart reflecting these numbers:
To disable permission checking for your entire repository, simply rename “alfresco/tomcat/shared/classes/alfresco/extension/unsecured-public-services-security-context.xml.sample” to “alfresco/tomcat/shared/classes/alfresco/extension/unsecured-public-services-security-context.xml” in your installation. Note that I found a defect in 3.1.1 Enterprise and 3.2 Community regarding this issue. You will need to use the “unsecured-public-services-security-context.xml.sample” file attached to this issue: https://issues.alfresco.com/jira/browse/ETHREEOH-2604 instead of the one that the installer lays down for you.