+

Search Tips   |   Advanced Search

Configure the authentication cache on the Liberty profile

We can modify how authenticated users are cached on the Liberty profile.

Because the creation of a subject might impact performance, the Liberty profile provides an authentication cache to store a subject after an authentication of a user is successful. The cache is initialized with a certain number of entries, determined by the initialSize attribute, and has a maximum number of entries, determined by the maxSize attribute. If the maximum size is reached, then the earliest entries that were used are removed from the cache. Iif a user has been inactive for longer than period specified by the timeout attribute, then the entry for that user is removed from the cache. By default, the cache size is initialized to 50 entries and a maximum of 25000 entries, with a timeout of 600 seconds.

You do not have to configure the values for the authCache element unless to change the default values of the authentication cache.

For more information about authentication case, see Authentication cache.

  1. Enable the appSecurity-2.0 Liberty feature by adding the following code to server.xml.
     <featureManager>
        <feature>appSecurity-2.0</feature>
     </featureManager>

  2. Optional: To change the default options for the authentication cache, add the <authCache> element to server.xml. In the following example, the initial size of the authentication cache is changed to 100 entries with a maximum of 50000 entries, and the timeout is changed to 15 minutes.

  3. Optional: To disable the authentication cache, set the attribute cachEnabled to false in the <authentication> element as follows:

    For more information about the <authCache> and <authentication> elements, see Configuration elements in server.xml.


Parent topic: Authenticate users

Concepts:

  • Authentication

    Related information:

    Intel Advanced Encryption Standard New Instructions