User Authorization Cache

This  week the CA Tip is on AZ Cache.

The Policy Server caching framework is something that I have struggled with a lot over the years–I seem to think of ‘front end cache’ and ‘back end cache’–FEC is the stuff that is cached between policy server & web agent and BEC is the stuff cached between the policy server & user stores. I generally don’t worry much about what the policy server caches of the actual policies. I think I think this way mostly because the policies I work with are generally fairly simple & I just assume everything is in cache. Also, problems only seem to occur if something is slow going back to the User Stores.

I find this comment in the article very telling:

Please note that if a policy is bound to a user name (or DN, OU, and O); the Authorization Cache is ineffective because in this case there is no need to search the directory in the first place

The distinctions between CN or or OU is very interesting.

Also, this seems very interesting to me:

a) the cache limit is reached 25% random entries are removed

I have posted to the forums to try to get more information on this.

Advertisements

Leave a comment

No comments yet.

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s