How to disable Security Cache in WebSphere Application Server
 Technote (troubleshooting)
 
Problem(Abstract)
How to disable credential cache lookup by userid and password in WebSphere Application Server versions 4.0.x and 5.0.x
 
Resolving the problem
Many times customers want to revoke user accounts. Similarly, users change passwords and want the change to be effective immediately. In other words, no one should be able to gain access with the old (or, expired) password. This can be accomplished by disabling Security caching. Here are the instructions:
To disable userId and password cache in WSAS4.0.x, do the following:

1) In Admin.config, add the following property:
com.ibm.websphere.security.util.LTPAAuthCacheEnabled=false

2) At application server, add the following JVM property
com.ibm.websphere.security.util.CredentialCacheEnabled=false



To disable credential cache lookup by userid and password in WAS 5.0 and WAS 5.0.1:

Set the following JVM properties to false:
com.ibm.websphere.security.util.AuthCacheEnabled and com.ibm.websphere.security.util.CredentialCacheEnabled. See the attached screen shot in WSAS5.0 and WSAS5.0.1




To disable credential cache lookup after 5.0.2:

In WSAS5.0.2, all four credential caches are consolidated into one, and could be enabled, disabled, or partial disabled with JVM property com.ibm.websphere.security.util.authCacheEnabled. com.ibm.websphere.security.util.authCacheEnabled can be set to true, false, or BasicAuthDisabled. To disable credential cache lookup by userid and password, set JVM property:
com.ibm.websphere.security.util.authCacheEnabled = BasicAuthDisabled.
In WSAS5.0.2, release, this JVM property can only be set to true and false, and you need APAR PQ76758 to set this value to BasicAuthDisabled.
 
readme.txtPQ76758_5.0.2_Test.jar
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0
Software edition:
Reference #: 1174541
IBM Group: Software Group
Modified date: Jul 18, 2004