Previous Topic: User Authorization Cache

Next Topic: Estimate the Size of the User Authorization Cache

User Authorization Cache Efficiency

The user authorization cache is most efficient when:

If these factors are not met, the efficiency of the User Authorization cache is reduced.

Example: the user authorization cache and agents configured to round–robin load balance

The more Policy Servers that are in the SiteMinder agent round–robin pool, the greater the chance that the efficiency of the user authorization cache is reduced.

If a single Web Agent is configured to round–robin between two Policy Servers, the first request for a protected resource results in a user authorization cache entry on one of the Policy Servers. There is approximately a 50 percent chance that the Policy Server that does not have the cache entry must service the second request. Moving forward, however, both Policy Servers have cached the data for subsequent requests.

Consider now, the effect of a single Web Agent configured to round–robin between 10 Policy Servers. After a Policy Server authorizes a user and enters the result in to the authorization cache, there is only a 10 percent chance that the same Policy Server services the next request. In this configuration, 5 cache misses must occur before there is a 50 percent chance of a cache hit.

Note: Policy Server clusters can reduce the effect round–robin load balancing has on the user authorization cache.

More information:

Agent to Policy Server Communication


Copyright © 2010 CA. All rights reserved. Email CA about this topic