Installation Guides › Implementation Guide › Performance Tuning › Application Tier Performance › Authorization Guidelines › Responses and Authorization Performance
More information:
Responses
Responses and Authorization Performance
Including responses in access policies for web service resources (for instance, to produce SAML Session Tickets or WS-Security headers for outgoing messages) affects authorization performance. In particular, the types of response attributes included in a response determine the overall performance impact. The following list describes the response attributes types in order of their effect on performance, smallest to largest:
- Static—Defining a static attribute returns data that is constant.
- User attribute—Defining a user attribute returns profile information from a user entry in a user directory. This type of response requires the Policy Server to search the user directory.
- DN attribute—Defining a DN attribute returns information associated with directory objects to which the user is related. Groups to which a user belongs, and organizational units (ou) that are part of a user DN, are examples of directory objects whose attributes can be treated as DN attributes. This type of response requires the Policy Server to search the user directory.
