LTPA token cushion period

LTPA token cushion period

Within the LTPA token expiration, there is a cushion period used to validate the tokens before a request is sent to the downstream application servers. This helps prevent the expiration of the tokens in a downstream server. The cushion period is twenty percent of the LTPA token expiration period, and has a maximum default time out value of ten minutes.
Custom properties:

com.ibm.ws.security.cacheCushionMax Maximum timeout value for the cushion period. The default is ten minutes.
com.ibm.ws.security.cacheCushionMin Minimum expiration value for the cushion period. Should not be less than the ORB request time out value (three minutes). Default value is three minutes.

com.ibm.ws.security.authCacheCushionTime Cushion expiration time. Value must be less than cacheCushionMax. The time unit for this custom property is in minutes.

Security considerations when in a multi-node WAS WAS ND environment

com.ibm.ws.security.cacheCushionMax	Maximum timeout value for the cushion period. The default is ten minutes.
com.ibm.ws.security.cacheCushionMin	Minimum expiration value for the cushion period. Should not be less than the ORB request time out value (three minutes). Default value is three minutes.
com.ibm.ws.security.authCacheCushionTime	Cushion expiration time. Value must be less than cacheCushionMax. The time unit for this custom property is in minutes.