Determine the Number of Test Users

A typical 200 users per one OpenSSO Enterprise instance can be used . For example, you could use 200 users for one OpenSSO Enterprise instance, 400 users for two OpenSSO Enterprise instances, 600 users for three OpenSSO Enterprise instances, and so on. If the workload is too low, start with 100 users, and increase it by a 100‐user increments to find out the minimum number. Once the number of test users per OpenSSO Enterprise instance is determined, continue to use this number for the rest of the tests to make the results more comparable. If you have two OpenSSO Enterprise instances behind a load balancer, the above tests actually involve at least five individual test runs. You conduct two runs each for tests 1 and 2, and conduct one run for test 3.

Verify that for each test, the response time of the second protected resource access is significantly lower than the response time of the first protected page access. On the first access to a protected resource, the agent needs to perform uncached session validation and authorization. This involves the agent communicating with OpenSSO Enterprise servers. On the second access to a protected resource, the agent can perform cached session validation and authorization. The agent does not need to communicate with the OpenSSO Enterprise servers. Thus the second access tends to be significantly faster. It's common to see the first page access takes 1 second (this highly depends on the number of test users used), while the second page access takes less than 10 ms (this does not depend too much on the number of test users used). If the second page access is not as fast as it should be, compared with the first page access, you should investigate to find out why. Is it because first page access being relatively too fast ? If so, you can increase the number of test users to increase the response time of the first page access. Is it because the agent machine is undersized so that no matter how much load you put on the system, OpenSSO Enterprise does not reach full capacity, and the agent machine reaches full capacity first. In this case, since the agent machine is the bottleneck, and not the OpenSSO Enterprise machine, you can expect both the first and second page access to be slow while OpenSSO Enterprise responds quickly.