Increasing authentication cache timeout

Increasing authentication cache timeout - lookup. Such...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
Increasing authentication cache timeout In WAS ND7 environments, security information related to beans, access to resources and authentication  credentials is kept in a cache. In our specific case, operations requiring authentication information first access  the authentication cache in order to access the required information. Therefore, the cache helps to accelerate  the continuity of such operations. Elements in the authentication cache that have not been accessed for the  period indicated by the authentication cache timeout are removed from the cache. When a subsequent  operation that requires the authentication information takes place, additional actions to obtain the required  information are executed. These actions could involve accessing the user registry and perhaps even a database 
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: lookup. Such operations are expensive in terms of performance. Moreover, this type of tuning needs to take into consideration the following facts: In a non-secure environment, such as users accessing your application from the Internet, increasing the authentication cache timeout may allow a potential hacker from stealing an authentication token and give the hacker enough time to penetrate the system before the token expiration. This should not be the case if your application is accessed only within your intranet. A short period for the timeout will affect performance in that the system would have to request the desired information from back-end and support systems more often...
View Full Document

Ask a homework question - tutors are online