{http://www.bea.com/ns/weblogic/920/domain}elementlocalized-key-cache-invalidation-interval(BEA WebLogic Server 10.0 Domain Configuration Schema Reference)

Overview

Namespace

Component

Index

Help

BEA WebLogic Server 10.0 Domain Configuration Schema Reference

DETAILS: DOCUMENTATION | ELEMENTS | ATTRIBUTES

FRAMES | NO FRAMES

http://www.bea.com/ns/weblogic/920/domain
element localized-key-cache-invalidation-interval

Model: <localized-key-cache-invalidation-interval>long</localized-key-cache-invalidation-interval>

Disallowed substitutions (block): none (extensions, restrictions and substitutions are allowed)

Substitution group exclusion (final): none (extensions and restrictions are allowed)

Usage

Documentation

The number of milliseconds after which WebLogic Server invalidates its cache of SNMP security keys. Setting a high value creates a risk that users whose credentials have been removed can still access SNMP data.

An SNMP security key is an encrypted version of an SNMP agent's engine ID and an authentication password or privacy password. WebLogic Server generates one security key for each entry that you create in the SNMP credential map. When a WebLogic Server SNMP agent receives an SNMPv3 request, it compares the key that is in the request with its WebLogic Server keys. If it finds a match, it processes the request. The SNMP agent also encodes these keys in its responses and notifications. (You configure which keys are encoded when you create a trap destination.)

Instead of regenerating the keys for each SNMPv3 communication, WebLogic Server caches the keys. To make sure that the cache contains the latest set of SNMP credentials, WebLogic Server periodically invalidates the cache. After the cache is invalidated, the next time an SNMP agent requests credentials, WebLogic Server regenerates the cache.

Note that making a change to the credential map does not automatically update the cache. Instead, the cache is updated only after it has been invalidated.

For example, if you update a privacy password in an existing entry in the SNMP credential map, the SNMP agent is not aware of the new password until the key cache is invalidated and regenerated. An SNMP user with the old security password can still access WebLogic Server data until the cache is invalidated.

You can invalidate a key immediately instead of waiting for this invalidation interval to expire.

Privileges: Read/Write

Default Value: 3600000

Maximum value: 86400000

MBean Attribute: SNMPAgentMBean.LocalizedKeyCacheInvalidationInterval

Fundamental Facets: equality, numeric, bounded, totaly ordered, countable infinite value space

White Space Processing: collapse