What kind of actions trigger the Policy Server to refresh its memory ?
search cancel

What kind of actions trigger the Policy Server to refresh its memory ?

book

Article ID: 15800

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



We run a Policy Server and we'd like to know what kind of actions trigger the Policy Server to refresh its memory ?

Environment

Policy Server 12.52SP2CR01

Resolution

- The content of the Policy Store is read into memory of the Policy Server during startup of the Policy Server.

- If a policy is created/changed/deleted with FSS-GUI of the Policy Server the following flow appears:

 

  - The policy is created/changed/deleted within the Policy Store from the Policy Server 

  - The policy is created/changed/deleted within the memory of the Policy Server

  - For each of this created/changed/deleted policies a ServerCommand is created which later on will be applied by the Policy Server

  - The Policy Stores in the same cluster replicate this information

  - All Policy Servers which do not have the information yet will receive it during their next regular check of the Policy Store

 

Details of the regularly running sync process between Policy Server and Policy Store:

 

  - The interval of this process can be set by a Policy Server registry entry running XPSConfig

  - The policy server looks for server commands in the policy store and applies them (updates the policy data in its memory) 

  - Each Policy Server searches in the Policy Store data, and looks at 

    the timestamps of the server commands to apply them. Once done, the 

    Policy Server thread set this search last time in his memory 

    space. Policy Server will use this last time to search server 

    command next time and find more recent server command to apply. 

 

  - Those Policy Server searches are done by the HouseKeeping thread.

 

    The Housekeeping thread checks for all the latest updates 

    that have occurred to the Policy Store data, and applies those changes 

    to synchronize the Policy Store with the XPS Store 

    data. It makes these checks every 5 minutes by default. 

    The last search time is stored inside the Housekeeping thread and 

    the next search for XPS modified objects will be issued with 

    modifyTimeStamp greater than the last search time, to find any 

    updates. 

 

    Note that the modifytimestamp only changes when the search request 

    finds modified or new items. The Housekeeping thread always uses 

    "LastModifiedTime" for searching. If there are no change, it 

    keeps using the same timestamp over an over again until it 

    finds something that changed in the Policy Store. Then it 

    updates modifytimestamp to the new value of the LastModifiedTime 

    object. 

 

Additional Information

  HouseKeeping thread looks for objects that have change in 3 categories. 

  https://support.ca.com/us/knowledge-base-articles.TEC1091288.html

 

  The default interval is 5 minutes. This value is configurable and can 

  be changed by changing the value of the XPS parameter 

  CA.XPS::$CacheCheckDelay from XPSConfig command line tool. 

  https://support.ca.com/us/knowledge-base-articles.tec553678.html 

 

Powered by Wolken Software