Security cache properties: WAS v5.1

Security cache properties

The following system properties determine the initial size of the primary and secondary hash table caches, which affect the frequency of rehashing and the distribution of the hash algorithms. The larger the number of available hash values, the less likely a hash collision occurs, and the more likely a slower retrieval time. If several entries compose a hash table cache, creating the table in a larger capacity supports more efficient hash entries than letting automatic rehashing determine the growth of the table. Rehashing causes every entry to move each time.

com.ibm.websphere.security.util.authCacheSize This cache stores basic authentication credentials at the security server. Whenever a Lightweight Third Party Authentication (LTPA) token expires, a new token generates from the basic authorization credentials in this cache. If no basic authorization credentials exist, the requesting browser must send the basic authorization credentials to the security server. The browser prompts the user for a user ID and password if no cookie exists containing the credentials.

com.ibm.websphere.security.util.tokenCacheSize This cache stores LTPA credentials in the cache using the LTPA token as a lookup value. When using an LTPA token to log in, the LTPA credential is created at the security server for the first time. This cache prevents the need to go to the security server on subsequent logins using an LTPA token.

com.ibm.websphere.security.util.CredentialCacheSize Given the user ID and password for login, this cache returns the concrete credential object, either LocalOS or LTPA, without the need to repeat authentication at the security server. If the credential object has expired, repeat authentication is required.

com.ibm.websphere.security.util.LTPAValidationCacheSize Given the credential token for login, this cache returns the concrete LTPA credential object, without the need to revalidate at the security server. If the token has expired, revalidation is required.

See Also
Tuning security configurations
User revocation from a cache
Tuning performance parameter index

com.ibm.websphere.security.util.authCacheSize	This cache stores basic authentication credentials at the security server. Whenever a Lightweight Third Party Authentication (LTPA) token expires, a new token generates from the basic authorization credentials in this cache. If no basic authorization credentials exist, the requesting browser must send the basic authorization credentials to the security server. The browser prompts the user for a user ID and password if no cookie exists containing the credentials.
com.ibm.websphere.security.util.tokenCacheSize	This cache stores LTPA credentials in the cache using the LTPA token as a lookup value. When using an LTPA token to log in, the LTPA credential is created at the security server for the first time. This cache prevents the need to go to the security server on subsequent logins using an LTPA token.
com.ibm.websphere.security.util.CredentialCacheSize	Given the user ID and password for login, this cache returns the concrete credential object, either LocalOS or LTPA, without the need to repeat authentication at the security server. If the credential object has expired, repeat authentication is required.
com.ibm.websphere.security.util.LTPAValidationCacheSize	Given the credential token for login, this cache returns the concrete LTPA credential object, without the need to revalidate at the security server. If the token has expired, revalidation is required.