The client-side SDK and policy agent cache properties apply only to Java EE policy agents. The properties do not apply to web agents.
The default value 20. This means the Java EE policy agent can cache a maximum of 20 rules or resources.
This property should be set equal to the number of rules configured on the server for the FQDN the Agent is protecting. Otherwise, when the maximum cache limits are reached for the resource cache, and if a new rule or resource is accessed, then the oldest cached rule and all the sessions cached for that rule will be removed.
The default value is 10000. This means the Java EE policy agent can cache a maximum of 10000 sessions per rule or resource. This property should be reduced or increased based on the memory available on the container.
The ResourceCap value should be always tuned. Since the policy agents co-exist with the application, you should increase or reduce the SessionCap on the policy agent based on the memory use of the application protected by the policy agent. You can increase the SessionCap value until you no longer observe frequent full GCs.