Memory utilization problem caused by too low a setting for ExecutionTimeThreshold
Article ID: 226616
Updated On:
Products
SITEMINDER
Issue/Introduction
One of two policy servers in a cluster which shares a common policy store returns a 'No Applicable Policy Found' message in Policy Server trace log when performing an authorization call from the web agent. This results in intermittent user request failing.
Environment
Release : 12.8.5 and above
Component : SITEMINDER -POLICY SERVER
Cause
Customer was leveraging the ExecutionTimeThreshold parameter to aggressively monitor policy server performance with a setting of 1 millisecond. This was causing the policy server to consume memory to the point it was producing unpredictable results for some use cases.
Resolution
Engineering recommends a setting no less than 5ms for this parameter.
Additional Information
To identify functions that take an excessive amount of time to execute without enabling tracing (which can negatively affect performance), configure the following registry parameter: ExecutionTimeThreshold
Specifies the maximum time, in milliseconds, that a function can take to process before a message is written to smps.log. Configure this setting at the following registry location:
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig=106827535
Value: Hexadecimal number
Default: 0x1388 (5 seconds)
Example:
Set the ExecutionTimeThreshold registry parameter to 0x5 (5 milliseconds):
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig=106827535
ExecutionTimeThreshold= 0x5; REG_DWORD
Now, if the CSmAuthUser::Authenticate function takes 16 milliseconds to complete, the following message is written to smps.log:
[20979/2969324432][Mon Feb 08 2016 14:14:53][SmAuthUser.cpp:5385][INFO][sm-log-00000] Execution time exceeded threshold.
(CSmAuthUser::Authenticate, 16, 5, agent= client=127.0.0.1 server= resource=/realm1/private.html24 action=GET user=user1)
Feedback
Yes
No
Powered by
