Active Directory Authenticator Provider: Performance
Configuration Options Related Tasks Related Topics
Configure caching to optimize the performance of this Active Directory Authentication provider.
Configuration Options
Name Description Enable Group Membership Lookup Hierarchy Caching Boolean value that indicates whether group membership hierarchies found during recursive membership lookup will be cached. If true, each subtree found will be cached.
MBean Attribute:
ActiveDirectoryAuthenticatorMBean.EnableGroupMembershipLookupHierarchyCaching
Changes take effect after you redeploy the module or restart the server.
Max Group Hierarchies In Cache The maximum size of the LRU cache for holding group membership hierarchies if caching is enabled. The default is 100.
MBean Attribute:
ActiveDirectoryAuthenticatorMBean.MaxGroupHierarchiesInCache
Changes take effect after you redeploy the module or restart the server.
Group Hierarchy Cache TTL The maximum number of seconds a group membership hierarchy entry is valid in the LRU cache. The default is 60.
MBean Attribute:
ActiveDirectoryAuthenticatorMBean.GroupHierarchyCacheTTL
Changes take effect after you redeploy the module or restart the server.
Enable SID To Group Lookup Caching Boolean value that indicates whether SID to group name lookup results are cached or not. This is only used if the token group membership lookup algorithm is enabled.
MBean Attribute:
ActiveDirectoryAuthenticatorMBean.EnableSIDtoGroupLookupCaching
Changes take effect after you redeploy the module or restart the server.
Max SID To Group Lookups In Cache The maximum size of the LRU cache for holding SID to group lookups if caching of SID to group name mappings is enabled and if the tokenGroups group membership lookup is enabled. The default is 500.
MBean Attribute:
ActiveDirectoryAuthenticatorMBean.MaxSIDToGroupLookupsInCache
Changes take effect after you redeploy the module or restart the server.