On Wed, Aug 21, 2013 at 2:46 PM, Nate McCall <n...@thelastpickle.com> wrote:
> The bcrypt rounds are indeed expensive and ClientState should hold the > result for the active connection. So it sounds like you are creating a lot > of new connections and thus hitting that bcrypt penalty. > > Thanks, that was my thought too but I was hoping I was wrong. I'm checking with the phpcassa folks to see if there's a way to make connections persist for the lifetime of the PHP-FPM processes...failing that I may just roll my own auth module that's the same as the built-in but using something more light-weight, like MD5. It's not ideal but it's better than turning off authentication altogether.
