View Source

The <ResultCache> element specifies the manner in which results may be cached for subsequent lookups.

The <ResultCache> element in IdP versions before 3.3.0 has a serious security issue, as described in security advisory 20161027. If you are using a vulnerable version of the IdP then you should not use this element in new deployments, and you should remove it from existing deployments.

The <ResultCache> element can be used safely starting with IdP version 3.3.0.

Schema Name and Location

This element is defined by the urn:mace:shibboleth:2.0:resolver:dc schema, which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver-dc.xsd .

Example

<dc:ResultCache maximumCachedElements="100"/>

Attributes

The <ResultCache> element has two optional attributes:

Name	Type	Default	Description
`maximumCachedElements`	Integer	500	Maximum number of entries the cache may contain
`elementTimeToLive`	Duration	PT4H	Duration after which any entry will be removed from the cache

Child Elements

No child elements are defined.

Notes

The caching specified by the <ResultCache> element can instead be defined by specifying a <ResultCacheBean> element on the data connector, which allows for complete override of cache result handling.