Dynamic role caching properties

The dynamic role cache holds role memberships that expire.

These properties are in the profile_root/etc/tam/amwas.node_name_server_name.amjacc.properties file.

The profile_root directory is the value of the profilePath parameter at profile creation time.

com.tivoli.pd.as.cache.EnableDynamicRoleCaching=true

Enables or disables dynamic role caching. Dynamic role caching is enabled by default.

com.tivoli.pd.as.cache.DynamicRoleCache=com.tivoli.pd.as.cache.DynamicRoleCacheImpl

This property holds the implementation class of the dynamic role cache. You do not need to change this property, although the opportunity exists to implement your own cache, if necessary.

com.tivoli.pd.as.cache.DynamicRoleCache.MaxUsers=100000

The maximum number of users that the cache supports before a cache cleanup is performed. The default number of users is 100000.

com.tivoli.pd.as.cache.DynamicRoleCache.NumBuckets=20

The number of tables that is used internally by the dynamic role cache. The default is 20. When a large number of threads use the cache, increase the value to tune and optimize cache performance.

com.tivoli.pd.as.cache.DynamicRoleCache.PrincipalLifeTime=10

The period of time in minutes that a principal entry is stored in the cache. The default time is 10 minutes. The term, principal, here refers to the Tivoli® Access Manager credential that is returned from a unique Lightweight Directory Access Protocol user.

com.tivoli.pd.as.cache.DynamicRoleCache.RoleLifetime=20

The period of time in seconds that a role is stored in the role list for a user before it is discarded. The default is 20 seconds.




Related tasks
Configuring the JACC provider for Tivoli Access Manager using the administrative console
Related information
JACC provider configuration properties for Tivoli Access Manager


Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 6:15:55 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-dist&topic=rsec_configdynacache
File name: rsec_config_dyna_cache.html