Authorization Caching

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

Caching is used to store run-time authentication and authorization rules, which can be expensive to calculate.

This page describes the cache that can be configured on the Crowd server, to store users' authentication and per-application permissions for a specified period. For an overview of the other types of caching offered by Crowd, please refer to Overview of Caching.

Caching of Users' Application Permissions on the Crowd Server — The Authorization Cache

Crowd can store users' authentication and per-application permissions in a local cache for a specified period after retrieving the information from the directory and application data. The cached data will answer the following questions:

  • For a particular user: Is the user authenticated?
  • For a particular user and application: Does the user have access to the application?

You might call this the 'has access' cache, or the 'authorization cache'.

Recommended setting: Enabled. For performance reasons, we recommend that the cache be enabled on the Crowd server. This is the default setting.

The effect of caching the data is that users will retain access to applications for a period after their username or permission has been removed, i.e. until the server-side cache expires. You should disable the cache only if you need immediate results when removing users or their permissions.

To enable caching of user-to-application permissions on the Crowd server,

  1. Crowd Administration Console にログインします。
  2. Click the 'Administration' tab in the top navigation bar.
  3. The 'General Options' screen will appear. Put a tick in the 'Enable Authorization Caching' checkbox.
  4. Click the 'Update' button.

Screenshot: 'Caching'



Some applications may enable/disable caching based on the Crowd server setting

The Crowd API allows an application to query whether caching is enabled on the Crowd server (isCacheEnabled). The Crowd Java client does not make use of this API feature, because it makes more sense to have application caching configured entirely on the application side. If you have a Crowd-integrated custom application which does make use of this API call, then the setting on the Crowd server will affect your application-side caching as well.

関連トピック

Crowd Documentation

最終更新日 2017 年 9 月 20 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.