...
Attributes specific to this type include:
Name | Type | Default | Description |
---|---|---|---|
StorageService | XML ID | Reference to |
id
attribute the id attribute of a previously defined <StorageService> element. When omitted, the default in-memory storage back-end is used. | |||
StorageServiceLite | XML ID | Reference to |
id
attribute the id attribute of a previously defined <StorageService> element. This allows a separate storage back-end to be used for a subset of the cache's needs that specifically pertain to logout-related requirements (see further discussion above). When omitted, |
StorageService
the StorageService attribute governs all storage cases. |
cleanupInterval
cleanupInterval | time in seconds | 900 | Interval in seconds between background cleanup of the in-web-server cache of frequently used sessions. The underlying storage service may have a separate setting in its own right to regulate its own cleanup. |
inprocTimeout
inprocTimeout | time in seconds | 900 | Period of inactivity after which unused sessions can be deleted from the in-web-server cache. Set to a higher value to increase performance and memory usage, or a lower value to decrease memory usage and performance. This setting only adjusts performance trade-offs and does not cause any sessions to be purged from underlying cache storage. |
cacheAssertions
cacheAssertions | boolean | false (true for legacy configurations) | Determines whether to store copies of SAML assertion(s) supplied during the creation of the session. Can usually be turned off to save memory and improve performance of cache. |
inboundHeader
inboundHeader | string | If set, the cache will look for the session key in the specified HTTP request header in addition to |
Cookie
headera Cookie header. | |||
outboundHeader | string | If set, the cache will return a created session key in the specified HTTP response header in addition to |
a Set- |
Cookie header. | |||
softRevocation | boolean | true | Determines whether the cookie-based session recovery feature is willing to overlook failed storage operations to see if a session might have been revoked by a logout. |
Example
Code Block | ||
---|---|---|
| ||
<SessionCache type="StorageService" StorageService="db" cacheAllowance="3600" inprocTimeout="900" cleanupInterval="900"/> |