Disabling LDAP query result caching
search cancel

Disabling LDAP query result caching


Article ID: 42863


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway




The Layer 7 Gateway caches a certain amount of LDAP authentication requests. This allows the Gateway to balance speed with consistency for users requiring repeated authentication attempts against a directory over a short period of time. This caching is intended to increase the performance of the Gateway. To troubleshoot LDAP related authentication failures, it may be necessary to disable LDAP authentication caching for both failed and successful authentication attempts. This behavior is governed by two cluster-wide properties:
  1. authCache.failureCacheSize
  2. authCache.successCacheSize


In order to remove any and all LDAP caching, the following steps should be taken:?

  1. Log into the Layer 7 Policy Manager as an administrative user
  2. Open the?Tasks menu
  3. Select the?Manage Cluster-Wide Properties task
  4. Add or edit the two cluster-wide properties specified below to have a value of?0.
The cache for LDAP authentication should expire shortly and subsequent requests will not be cached. It is recommended that this behavior not be utilized in a production environment unless specified by Layer 7 Support as increased frequency of LDAP queries can result in a net negative impact to the performance of the Gateway appliance.


Component: APIGTW