Configuration of the LTPA cache
The LTPA cache helps to improve the performance of LTPA junctions in a high-load environment. Without the cache, a new LTPA cookie is created and encrypted for each subsequent user request. The creation, encryption, and decryption of LTPA cookies introduce processing overhead. By default, the LTPA cache is enabled.

The LTPA cache is configured in the [ltpa-cache] stanza of the WebSEAL configuration file. The stanza entries specify the cache size and the timeout values for cache entries. Larger lifetime and inactivity timeout values improve performance, but increase the risk of information being exposed in WebSEAL memory.
Stanza Entries and Descriptions

ltpa-cache-enabled
    Enable and disable the LTPA cache function. Values include "yes" and "no". Default value is "yes".

ltpa-cache-size
    Set the maximum number of entries allowed in the cache hash table. Set this value to approximate the peak number of concurrent user sessions that access an application across an LTPA junction. A high value uses more memory but results in faster information access. Each cache entry consumes approximately 50 bytes. Default value is 4096 entries.

ltpa-cache-entry-lifetime
    Maximum time (in seconds) any cache entry can remain in the cache, regardless of activity. After a cache entry expires, the next request by that same user requires the creation of a new LTPA cookie. Default value is 3600 seconds.

ltpa-cache-entry-idle-timeout
    Maximum time (in seconds) an inactive cache entry can remain in the cache. Default value is 600 seconds.
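
The following added example (not part of the product documentation or of WebSEAL itself) reads the [ltpa-cache] stanza from configuration text, fills in the documented defaults, estimates cache memory from the approximate 50 bytes per entry, and reports timeouts that are longer than the defaults. It assumes "name = value" lines and "#" comment lines; the function names and the sample values are constructed for illustration.

```python
# Added example: audit the [ltpa-cache] stanza; defaults are the documented ones.
DEFAULTS = {
    "ltpa-cache-enabled": "yes",
    "ltpa-cache-size": "4096",
    "ltpa-cache-entry-lifetime": "3600",
    "ltpa-cache-entry-idle-timeout": "600",
}
BYTES_PER_ENTRY = 50  # approximate per-entry cost stated in the documentation

def read_ltpa_cache(text):
    """Return the effective [ltpa-cache] settings with defaults filled in."""
    settings, in_stanza = dict(DEFAULTS), False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # assumed comment syntax
            continue
        if line.startswith("[") and line.endswith("]"):
            in_stanza = line[1:-1].strip() == "ltpa-cache"
            continue
        if in_stanza and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key in DEFAULTS:
                settings[key] = value
    return settings

def audit(settings):
    """Return (approximate cache bytes, list of findings)."""
    if settings["ltpa-cache-enabled"].lower() != "yes":
        return 0, ["cache disabled: a new LTPA cookie is created per request"]
    size = int(settings["ltpa-cache-size"])
    lifetime = int(settings["ltpa-cache-entry-lifetime"])
    idle = int(settings["ltpa-cache-entry-idle-timeout"])
    findings = []
    if lifetime > int(DEFAULTS["ltpa-cache-entry-lifetime"]):
        findings.append(f"lifetime {lifetime}s exceeds the 3600s default")
    if idle > int(DEFAULTS["ltpa-cache-entry-idle-timeout"]):
        findings.append(f"idle timeout {idle}s exceeds the 600s default")
    if idle >= lifetime:  # the lifetime applies regardless of activity
        findings.append("idle timeout never fires before the lifetime")
    return size * BYTES_PER_ENTRY, findings

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = """
[ltpa-cache]
ltpa-cache-size = 20000
ltpa-cache-entry-lifetime = 28800
"""
if __name__ == "__main__":
    print(audit(read_ltpa_cache(SAMPLE)))
```

A finding here is a prompt to confirm that the longer exposure window was chosen deliberately; the comparison against the defaults is a review heuristic of this example, not a product limit.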