Validation Period disabled on persistent realm impact in Policy Server
search cancel

Validation Period disabled on persistent realm impact in Policy Server

book

Article ID: 132523

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction

 

What are the consequences of disabling the "Validation Period" on a Realm configured for a persistent session?

 

Environment

 

Policy Server 12.8SP6 on RedHat 7;

 

Resolution

 

According to documentation (1), when disabling the Validation Period, the Web Agent will always try to validate the session from its cache and it will only call Policy Server if the session is not available in its cache.

On one hand, this should result in fewer calls to Policy Server and Session Store. On the other hand, this might lead to the fact that the Web Agent still validates the session, even if the session doesn't exist anymore in the Session Store.

 

Additional Information

 

(1)

    Realm Dialog Reference