WebSphere Application Server Version 6.1 Feature Pack for Web Services
             Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

             Personalize the table of contents and search results

Security cache properties

The following Java virtual machine (JVM) security cache custom properties determine whether the authentication cache is enabled or disabled. If the authentication cache is enabled, as recommended, these custom properties specify the initial size of the primary and secondary hash table caches, which affect the frequency of rehashing and the distribution of the hash algorithms.

Important: The com.ibm.websphere.security.util.tokenCacheSize and com.ibm.websphere.security.util.LTPAValidationCacheSize properties were replaced with the com.ibm.websphere.security.util.authCacheSize property.
You can specify these system properties by completing the following steps:
  1. Click Servers > Application servers > server_name.
  2. Under Server Infrastructure, expand Java and Process Management.
  3. Click Process Definition > Java Virtual Machine.
  4. Under Additional properties, click Custom properties > New.
  5. Under General Properties, specify the property name and its value. You can specify multiple property name and value pairs delimited by a space.
  6. Click OK.

WebSphere Application Server includes the following security cache custom properties:

com.ibm.websphere.security.util.authCacheSize
Specifies the initial size of the primary and secondary hash table caches. A higher number of available hash values might decrease the occurrence of hash collisions. A hash collision results in a linear search for the hash bucket, which might decrease the retrieval time. If several entries compose a hash table cache, you create a table with a larger capacity that supports more efficient hash entries instead of allowing automatic rehashing determine the growth of the table. Rehashing causes every entry to move each time.
Default: 200
Type: Integer
com.ibm.websphere.security.util.authCacheEnabled
Specifies whether to disable the authentication cache. For example, you can cache the user ID and the one-way hashed password as the key lookup for the cache or use a token. The com.ibm.websphere.security.util.authCacheEnabled custom property has three possible values:
  • A true value enables the authentication cache. The user registry or repository is not accessed multiple times.
  • A false value disables the authentication cache. The user registry or repository is accessed multiple times, which impacts performance. If you add com.ibm.websphere.security.util.authCacheEnabled=false to the Java virtual machine (JVM), the cache is disabled. WebSphere Application Server invokes a custom Java Authentication and Authorization Service (JAAS) login module.
  • A BasicAuthDisabled value enables the authentication cache, but does not allow credentials to be looked up by a user ID and a one-way hash password.
Default: True
com.ibm.websphere.security.util.authCacheMaxSize
Specifies the maximum size of all entries in the authentication cache. This property is used to prevent unbounded growth of the cache.
Default 25000
Type Integer



Related tasks
Revoking users from a cache
[AIX HP-UX Linux Solaris Windows] [i5/OS] Tuning the application serving environment
Tuning security configurations
Reference topic    

Terms of Use | Feedback

Last updated: Nov 25, 2008 2:35:59 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.wsfep.multiplatform.doc/info/ae/ae/rsec_tuneproperties.html