Versions Compared

Old Version 8

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version 9

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Warning
titleKnown Security Issue

The <ResultCache> element in IdP versions before 3.3.0 has a serious security issue, as described in security advisory 20161027. If you are using a vulnerable version of the IdP then you should not use this element in new deployments, and you should remove it from existing deployments.

The <ResultCache> element can be used safely starting with IdP version 3.3.0.

Schema Name and Location

This element is defined by in the urn:mace:shibboleth:2.0:resolver schema namespace, the schema for which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd.

Example

Code Block
languagexml
<ResultCache maximumCachedElements="100"/>

Configuration Reference

Attributes

The <ResultCache> element has two optional attributes:

NameTypeDefault

Description

maximumCachedElements

Integer500500                  Maximum number of entries the cache may contain

expireAfterAccess 3.4

DurationPT4HDuration after which any entry will be removed from the cache. The duration is reset on each access.

expireAfterWrite 3.4

Duration<None>
Duration after which any entry will be removed from the cache. The duration is from first use.

elementTimeToLive

DurationDeprecated 3.4Duration after which any entry will be removed from the cache
Deprecated in as of V3.4, use   expireAfterAccess

Child Elements

No child elements are defined.

Notes

The caching specified by the <ResultCache> element can instead be defined by specifying a <ResultCacheBean> element on the data connector, which allows for complete override replacement of cache result handling.