| Oracle® Identity Manager Best Practices Guide Release 9.0 B25937-01 |
|
 Previous |
 Next |
| Oracle® Identity Manager Best Practices Guide Release 9.0 B25937-01 |
|
Previous |
Next |
Oracle Identity Manager uses two types of caching: global and ThreadLocal.
The global cache stores information globally, which allows any part of the system to access information stored in this cache. The global cache uses OSCache from OpenSymphony. One of the major advantages of using OSCache is its support for cluster environments. Database queries are usually stored in the global cache so that repeated queries are not run against the database again.
The ThreadLocal cache stores information that is used later on within a single transaction. For example, a query that is issued many times during the execution of the transaction will use data from the ThreadLocal cache. The data used for this query does not change for that transaction.
Oracle Identity Manager allows caching by category. You can specifically enable and disable caching for specific entities, and have a separately configurable expiration time.
This chapter covers the following topics of discussion:
The following is a snippet from the Cache section in the xlconfig.xml file:
<Cache> <Enable>false</Enable> <ThreadLocalCacheEnabled>false</ThreadLocalCacheEnabled> <ExpireTime>14400</ExpireTime> <CacheProvider>com.thortech.xl.cache.OSCacheProvider</CacheProvider> <XLCacheProvider> <Size>5000</Size> <MultiCastAddress>231.121.212.133</MultiCastAddress> </XLCacheProvider> <!-- Individual cache categories --> <!-- Adapters and event handlers to be executed on update/insert/delete --> <DataObjectEventHandlers> <Enable>false</Enable> <ExpireTime>14400</ExpireTime> </DataObjectEventHandlers>.........</Cache>
|
Note: It is recommended that caching be disabled in development environments. The reason for this is because data in development environments changes frequently. If cached data is not refreshed in time, it might cause problems for developers working with the product. |
The Cache tag refers to the cache configuration and what is contained between the beginning and the end Cache tag. The following table describes the entries in the Cache section:
Table 4-1 Cache Configuration Parameters
| Property | Description |
|---|---|
|
|
This property is used to explicitly enable components in the cache configuration for categories that are not explicitly defined in the configuration file. In other words, if the configuration file does not contain a particular category, the cache uses this entry to enable or disable such category. |
|
|
This property is to enable or disable ThreadLocal caching. |
|
|
This property is used to specify a default expiration time value for components in the cache configuration. |
|
|
This is the complete class path of the provider used for caching. This property should not be changed. |
|
|
This section is used to specify cache provider properties. In the example earlier in this section, the Size and a Multicast Address properties have been specified. |
|
|
This property specifies the size of the cache. This number reflects the number of items that the cache stores. If the size is reached, extra items to the cache will be stored while the least used are pushed out of the cache. |
|
|
The IP address used for multicast communication among all of Oracle Identity Manager components. |
|
Note: The same MultiCast address must be used for all Oracle Identity Manager installations in a given environment (for example, for all the nodes in a cluster). Cache flushes are propagated to all installations using MultiCast IP. If multicasting is disabled, cache flush is not possible. |
After the general cache configuration, each of the components or categories is shown with their own tag name. Each tag name reflects the category name that is used within the code to store information in the cache. Each of the categories can be enabled or disabled independent of other categories. Also, the expiration time can be set for each component or category. You can use the following categories in the cache configuration file:
Table 4-2 Category Based Cache Configuration Parameters
| Category Name | Description |
|---|---|
|
|
List of event handlers to be executed when data object changes occur. This is the location where custom event handler and entity adapters are attached to a data object. |
|
|
Process definition information. For example process attributes, tasks, task mappings, and so on. |
|
|
Rule definition information. |
|
|
Form definition information. |
|
|
DB column name from a column code. This is enabled by default. |
|
|
User Defined Form and column definitions |
|
|
Object definition information. |
|
|
Used to stored total counts when calling APIs with paging capability. Because information changes frequently, the default expiration time for this category is 10 minutes. |
|
|
This category defines data that does not need to flush and does not fall into a particular category. This category does not have an expiration time. This information is typically populated during the initial database setup and never changes within the same installation. |
|
|
DB field metadata information. This is category is enabled by default. |
|
|
Adapter variables, compilation status and so on. |
|
|
Cache organization names. |
|
|
Reconciliation rules. |
|
|
Caches system properties. |
|
|
Caches the conversions between lookup names and fields. |
|
|
Caches user groups. |
|
|
Caches the lookup values for a given lookup name. |
|
|
IT Resources DB key cache. |
|
|
Caches what data is to be encrypted along with System Properties |
|
|
Database metadata information for common queries. |
By default, all the categories are disabled in the cache configuration file unless otherwise mentioned in Table 4-2.
Class reloading settings are useful for scheduled tasks and adapter-related files. It is recommended that you enable reloading in development environments so that the classes are reloaded automatically without restarting the server. However, if cache reloading is disabled and any new adapters are imported, existing adapters are changed, or any .jar files are modified, the Oracle Identity Manager server must be restarted.
|
Note: It is recommended that you disable class reloading in production environments to improve performance. |
The class reloading configuration information is included in the xlconfig.xml file as follows:
<ClassLoading>
<ReloadEnabled>true</ReloadEnabled>
<ReloadInterval>15</ReloadInterval>
<LoadingStyle>ParentFirst</LoadingStyle>
</ClassLoading>
ReloadEnabled enables class reloading on regular basis.
ReloadInterval specifies the time to reload (in seconds)
LoadingStyle specifies the type of loading used. The different types are:
ParentFirst looks for the classes in the parent before loading them from the jar files in ADPClassLoader classpath.
ParentLast overrides the classes from the parent. Using ParentLast may cause ClassCastExceptions.
ParentLoader is the ThreadContext Class Loader.
Sometimes, you may need to purge the cache before the allocated amount of time. To do this, use the PurgeCache utility in the <XL_HOME>/bin directory. This utility purges all the elements in the cache.
In the PurgeCache batch file, or shell script depending on the platform, you need to change the XEL_HOME and JAVA_HOME environment variables to point to the correct places. After that, the PurgeCache utility can be run from the command line to purge the cache data.
The PurgeCache file contains the following line:
"%JAVA_HOME%\bin\java" -DXL.HomeDir=%XEL_HOME% com.thortech.xl.cache.PurgeCache All
Note that the last word in this line is ALL. This refers to all the categories within Oracle Identity Manager. More specific scripts can be developed to purge specific categories instead of all the categories.
For example:
"%JAVA_HOME%\bin\java" -DXL.HomeDir=%XEL_HOME% com.thortech.xl.cache.PurgeCache "FormDefinition"
In this example, all entries related to FormDefinition are purged across the entire system (even on a cluster environment).
|
Note: Ajava.lang.NullPointerException is thrown after running this script. This is a problem in OSCache that is currently under investigation. However, this problem does not prevent the data from being purged. |
Because post-deployment changes to the cache configuration may affect performance and usage, it is important that you configure your cache with utmost caution. To configure the Oracle Identity Manager cache for the production environment, it is recommended that you do the following:
Set all properties to true, except for the <StoredProcAPI> setting
Increase the <XLCacheProvider> size to 15000 (default value is 5000).
The following settings are the optimal values recommended for the Oracle Identity Manager cache configuration file (xlconfig.xml) for use in the production environment.
<Cache> <Enable>true</Enable> <ThreadLocalCacheEnabled>true</ThreadLocalCacheEnabled> <ExpireTime>14400</ExpireTime> <CacheProvider>com.thortech.xl.cache.OSCacheProvider</CacheProvider> <XLCacheProvider> <Size>15000</Size> <MultiCastAddress>231.172.169.176</MultiCastAddress> </XLCacheProvider><!-- Individual cache categories --><!-- Adapters and event handlers to be executed on update/insert/delete --> <DataObjectEventHandlers> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </DataObjectEventHandlers> <ProcessDefinition> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ProcessDefinition> <RuleDefinition> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </RuleDefinition> <FormDefinition> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </FormDefinition> <ColumnMap> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ColumnMap> <UserDefinedColumns> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </UserDefinedColumns> <ObjectDefinition> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ObjectDefinition> <StoredProcAPI> <Enable>false</Enable> <ExpireTime>600</ExpireTime> </StoredProcAPI><!-- THis information never needs to flushed out. For example, key for requests organization and so on. --> <NoNeedToFlush> <Enable>true</Enable> <ExpireTime>-1</ExpireTime> </NoNeedToFlush><!-- Metadata Information --> <MetaData> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </MetaData><!-- Adapter Mapping Information --> <AdapterInformation> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </AdapterInformation><!-- Name of the organization for a given key and vice versa --> <OrgnizationName> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </OrgnizationName><!-- Reconciliation rules --> <Reconciliation> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </Reconciliation><!-- System Properties --> <SystemProperties> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </SystemProperties> <LookupDefinition> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </LookupDefinition> <UserGroups> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </UserGroups> <LookupValues> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </LookupValues> <ITResourceKey> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ITResourceKey> <RecordExists> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </RecordExists> <ServerProperties> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ServerProperties><!-- Column Meta Data --> <ColumnMetaData> <Enable>true</Enable> <ExpireTime>14400</ExpireTime> </ColumnMetaData></Cache>
