+

Search Tips   |   Advanced Search


Caching with a proxy server


Contents

  1. Cache pages shared by multiple users
  2. Cache scope
  3. Expiry time
  4. Cache scope and expiry time settings
  5. Default cache scope and expiry time settings
  6. Factors affecting cache scope and expiry time
  7. Limitations
  8. Security Issues
  9. Troubleshooting


See also

  1. WebSphere Portal Caches
  2. Lotus Web Content Management Caches


Caching pages shared by multiple users

If you use a proxy server such as WebSphere Edge Server, and your system has content that can be shared among multiple users, you can improve performance by caching this shared content.

You can configure cache scope and cache expiry time by page, portlet, and theme. WebSphere Portal combines this information to produce a final cache scope and expiry time for each page it serves.

To use configure cache settings, use...

When caching JSR portlets, the cache scope is only for proxy server caching policies and requires the use of an edge server cache. Local display caching policies are not affected by this setting. The cache expiration setting is used for both local and remote caching policies.


Cache scope

The cache scope determines where the content will be cached. There are two types of caching:


Expiry time

The expiry time determines how long the page is stored in a cache. WebSphere Portal allows three options for specifying expiry time:


Cache scope and expiry time settings

Resources that contribute to the overall remote cache information on a Page:

Contributes Key Possible Values Set Via XML Access Set Via UI
remote cache scope com.ibm.portal.remote-cache-scope SHARED, NON_SHARED yes yes
remote cache expiry com.ibm.portal.remote-cache-expiry Time in seconds, given as an integer between -1 and the value ((2 to the power of 31)-1)

Use the value -1 if you never want the cache to expire.

yes yes
Ignore Access Control in Caches com.ibm.portal.IgnoreAccessControlInCaches True, False yes yes

Example for XML access:

    <parameter update="set" name="com.ibm.portal.remote-cache-scope" type="string">SHARED</parameter>
    <parameter update="set" name="com.ibm.portal.remote-cache-expiry" type="string">3000</parameter>
    <parameter update="set" name="com.ibm.portal.IgnoreAccessControlInCaches" type="string">true</parameter>

Resources that contribute to the overall remote cache information for Themes:

Contributes Key Possible Values Set Via XML Access Set Via UI
remote cache scope com.ibm.portal.remote-cache-scope SHARED, NON_SHARED yes no
remote cache expiry com.ibm.portal.remote-cache-expiry Time in seconds, given as an integer between -1 and the value ((2 to the power of 31)-1)

Use the value -1 if you never want the cache to expire.

yes no

Example for XML access:

    <parameter update="set" name="com.ibm.portal.remote-cache-scope" type="string">SHARED</parameter>
    <parameter update="set" name="com.ibm.portal.remote-cache-expiry" type="string">3000</parameter>

Resources that contribute to the overall remote cache information on a Portlet Definition:

Contributes Key Possible Values Set Via deployment descriptor or an extension to it Set Via UI
remote cache scope remote-cache-scope SHARED, NON_SHARED yes no
expiration cache EXPIRATION_CACHE Time in seconds, given as an integer between -1 and the value ((2 to the power of 31)-1)

Use the value -1 if you never want the cache to expire.

yes yes
remote cache dynamic remote-cache-dynamic True, False yes no

The Standard Portlet API specification defines the meaning of the EXPIRATION_CACHE value. WebSphere Portal uses this value to determine the lifetime of the portlet's output in a remote cache, just like the remote cache expiry for themes. The remote cache dynamic setting is an optimization to notify the container whether a portlet window can publish remote cache information at render time. The deployment descriptor specification shows how to deal with these settings.

Resources that contribute to the overall remote cache information on a Portlet Window:

Contributes Key Possible Values Set Via deployment descriptor or an extension to it Set Via UI
remote cache scope remote-cache-scope SHARED, NON_SHARED no, only published during render time no
expiration cache EXPIRATION_CACHE Time in seconds, given as an integer between -1 and the value ((2 to the power of 31)-1)

Use the value -1 if you never want the cache to expire.

no, only published during render time no

The portlet definition describes the portlet at a deployment time level given in the portlet deployment descriptor. Thus, attributes specified in the deployment descriptor are valid on all occurrences on all pages of this portlet. The portlet window describes the runtime entity for a portlet. While in the rendering phase of a portlet, the portlet can publish values or attributes via an API. Thus, attributes specified while rendering the portlet is portlet instance specific. Example code snippet for publishing the information at render time:

    String paramExpiry = "3000";
    String paramScope = "SHARED";
    renderResponse.setProperty( "portlet.remote-cache-scope", paramScope );
    renderResponse.setProperty( RenderResponse.EXPIRATION_CACHE, paramExpiry );

Resources that contribute to the overall remote cache information on Portlet Wide Settings:

Contributes Key Possible Values Set Via XML Access Set Via UI
remote cache expiration remote.cache.expiration Time in seconds, given as an integer between -1 and the value ((2 to the power of 31)-1)

Use the value -1 if you never want the cache to expire.

no, property in WP NavigatorService no
vary vary List of HTTP header fields that can be put into the vary response header no, property in WP NavigatorService no


Default cache scope and expiry time settings

Possible WP NavigatorService settings:

Table 1. Settings that influence remote caching
Key Meaning Default value
public.session Specifies whether an anonymous user always has a public session.

This may be useful when a portlet requires a session for anonymous users. To enable public sessions for pages that anonymous users can view without logging in, set this parameter to true.

The setting of public.session influences the remote cache scope for public pages. If public.session is set to true, then the cache scope is set to non-shared (private). If public.session is set to false, then the cache scope is set to shared (public).

Setting public.session to true might reduce performance.

false
public.expires Specifies the cache expiration time (in seconds) for caches outside of WebSphere Portal and for unauthenticated pages only. These caches must adhere to the HTTP 1.1 specification (RFC 2616). The public.expires key specifies the time after which HTTP caches should drop the response.

This can be further restricted by the remote.cache.expiration key (see below).

This value is used as a maximum value for the cache expiration time and as a global default value for unauthenticated pages. If the setting remote.cache.expiration is also set to a value greater than or equal to 0, the smaller one of the two values is used.

WebSphere Portal calculates and aggregates the remote cache information, that is the scope and expiration time, by a number of parameters contributed by themes, pages, and portlets besides the settings described here. Therefore WebSphere Portal can do any of the following internally while processing a request:

  • Reduce the cache lifetime

  • Reduce the cache scope, for example, from public (shared) to private (non-shared)

  • Switch off the overall cachability of pages.

Therefore this value might not be static for all responses resulting from requests to unauthenticated pages. The response of WebSphere Portal sets the following header fields:

  • The Expires header with the expiration time added to the system date and time.

  • The Cache-Control : max-age = header with the expiration time as its parameter.

The default setting specified in this file is 60 seconds.

If no value is specified, WebSphere Portal defaults the value to 60 seconds.

60 (sec)
remote.cache.expiration Specifies the maximum cache lifetime (in seconds) of a page, both public and private. Use this setting to specify a global value for the expiration of pages in remote caches. Setting this value to 0 switches caching off in remote caches. If the legacy setting is not available, this setting is used for authenticated and unauthenticated pages. If the legacy setting is available, then the smaller of the two values is used for unauthenticated pages only. In this case the remote.cache.expiration setting is used for authenticated pages in general. If theme, composition, and portlets contribute remote cache information, then the global settings also contribute to the information. In this case the lowest of the values of all contributors is used, including the global settings.

The default setting specified in this file is 60 seconds.

If no value is specified, WebSphere Portal defaults the value to zero (0 seconds).

0 (sec)
remoteCacheInfo.response.header.vary Specifies the HTTP headers that force a proxy to cache different variants of the same URL. Use this setting to specify a comma separated list of HTTP header fields to which WebSphere Portal should refer in its vary field of the generated HTTP response. This is required to ensure that proxy caches can invalidate entries in their cache if the specified header fields do not match from request to request. User-Agent
public.cache-control Specifies the value which is set for the cache-control HTTP header field when the portal generates a response in request for public pages. This header field controls the behavior of all caching mechanisms along the request/response chain. no-cache
private.cache-control Specifies the value which is set for the cache-control HTTP header field when the portal generates a response in request for private pages. This header field controls the behavior of all caching mechanisms along the request/response chain. no-cache


Factors affecting cache scope and expiry time

Multiple factors can affect the cache scope and expiry time for a page. The remote-cache-scope and remote-cache-expiration of a rendered page view is calculated as the minimum of the following factors:


Limitations

With the above settings, it is possible to generate an HTTP response header like Cache-Control: max-age=-1, which indicates an unlimited cache expiration when a page is rendered.

This is beyond the HTTP 1.1 specification but if a proxy cache does not support an unlimited cache expiration, WebSphere Portal supports it. If the cache infrastructure does not properly work with this response header, set the remote.cache.expiration value in the WP NavigatorService to a large value. To set an unlimited cache expiration is not possible if the cache infrastructure does not support it.


Security Issues

Storing authenticated pages in a shared cache introduces security holes. If a malicious user discovered the URL for an authenticated page, that user could read pages containing private information. By default, WebSphere Portal does not permit shared caching for authenticated pages. You can use the Properties portlet or the XML configuration interface to override these default settings using the com.ibm.portal.IgnoreAccessControlInCaches parameter, but in most cases this is not recommended.

In some rare circumstances, it might be useful to store authenticated pages in a shared cache.

For example, if all authenticated users receive identical content, then storing authenticated pages in a shared cache might be acceptable.


Troubleshooting

In general, you should monitor the cache hit rate on the proxy server and adjust the cache size appropriately. If the hit rate is lower than expected, increase the cache size. You can also check the following item:


Parent topic:

Configure portal behavior


Related tasks


Set service configuration properties


Related reference


Portal configuration services