The following Java virtual machine (JVM) security cache
custom properties determine whether the authentication cache is enabled
or disabled. If the authentication cache is enabled, as recommended,
these custom properties specify the initial size of the primary and
secondary hash table caches, which affect the frequency of rehashing
and the distribution of the hash algorithms.
Important: The com.ibm.websphere.security.util.tokenCacheSize
and com.ibm.websphere.security.util.LTPAValidationCacheSize properties
were replaced with the com.ibm.websphere.security.util.authCacheSize
property.
You can specify these system properties by completing the following
steps:
- Click Servers > Application servers > server_name.
- Under Server Infrastructure, expand Java and Process Management.
- Click Process Definition > Java Virtual Machine.
- Under Additional properties, click Custom properties > New.
- Under General Properties, specify the property name and its value.
You can specify multiple property name and value pairs delimited by
a space.
- Click OK.
WebSphere Application Server includes the following security cache
custom properties:
- com.ibm.websphere.security.util.authCacheSize
- Specifies the initial size of the primary and secondary hash table
caches. A higher number of available hash values might decrease the
occurrence of hash collisions. A hash collision results in a linear
search for the hash bucket, which might decrease the retrieval time.
If several entries compose a hash table cache, you create a table
with a larger capacity that supports more efficient hash entries instead
of allowing automatic rehashing determine the growth of the table.
Rehashing causes every entry to move each time.
Default: |
200 |
Type: |
Integer |
- com.ibm.websphere.security.util.authCacheEnabled
- Specifies whether to disable the authentication cache. For example,
you can cache the user ID and the one-way hashed password as the key
lookup for the cache or use a token. The com.ibm.websphere.security.util.authCacheEnabled custom
property has three possible values:
- A true value enables the authentication cache. The user
registry or repository is not accessed multiple times.
- A false value disables the authentication cache. The
user registry or repository is accessed multiple times, which impacts
performance. If you add com.ibm.websphere.security.util.authCacheEnabled=false to
the Java virtual machine (JVM), the cache is disabled. WebSphere Application
Server invokes a custom Java Authentication and Authorization Service
(JAAS) login module.
- A BasicAuthDisabled value enables the authentication
cache, but does not allow credentials to be looked up by a user ID
and a one-way hash password.
-
- com.ibm.websphere.security.util.authCacheMaxSize
- Specifies the maximum size of all entries in the authentication
cache. This property is used to prevent unbounded growth of the cache.
Default |
25000 |
Type |
Integer |