ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/sec/seccache.htm

35 lines
2.6 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Security cache properties</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h4><a name="seccache"></a>Security cache properties</h4>
<p>The following system properties determine the initial size of the primary and secondary hashtable caches, which affect the frequency of rehashing and the distribution of the hash algorithms. The larger the number of available hash values, the less likely a hash collision occurs, and the more likely a slower retrieval time. If several entries compose a hashtable cache, creating the table in a larger capacity supports more efficient hash entries than letting automatic rehashing determine the growth of the table. Rehashing causes every entry to move each time.</p>
<ul>
<li><p><strong>com.ibm.websphere.security.util.authCacheSize</strong>
<br>This cache stores basic authentication credentials at the security server. Whenever a Lightweight Third Party Authentication (LTPA) token expires, a new token generates from the basic authorization credentials in this cache. If no basic authorization credentials exist, the requesting browser must send the basic authorization credentials to the security server. The browser prompts the user for a user ID and password if no cookie exists that contains the credentials.</p></li>
<li><p><strong>com.ibm.websphere.security.util.tokenCacheSize</strong>
<br>This cache stores LTPA credentials in the cache, using the LTPA token as a lookup value. When using an LTPA token to login, the LTPA credential is created at the security server for the first time. This cache prevents the need to access the security server on subsequent logins using an LTPA token.</p></li>
<li><p><strong>com.ibm.websphere.security.util.CredentialCacheSize</strong>
<br>Given the user ID and password for login, this cache returns the concrete credential object, either LocalOS or LTPA, without the need to repeat authentication at the security server. If the credential object has expired, repeat authentication is required.</p></li>
<li><p><strong>com.ibm.websphere.security.util.LTPAValidationCacheSize</strong>
<br>Given the credential token for login, this cache returns the concrete LTPA credential object, without the need to revalidate at the security server. If the token has expired, revalidation is required.</p></li>
</ul>
</body>
</html>