Crowd 1.4 : Session Configuration
This page last changed on May 05, 2008 by smaddox.
This page tells you how to set the timeout period for a session token and how to enable/disable in-memory token storage. Session TimeoutWhen a successful authentication occurs, for either an application or a user, a unique token is assigned. Tokens are valid for the period of time specified as the 'Session Timeout' attribute.
Authentication Token StorageAuthentication tokens are used to validate application and user sessions. A token is stored for each active session. By default, they're kept in the Crowd database. Storing these tokens in memory can benefit performance, but with some significant drawbacks:
Switching from database to in-memory token management does not require a restart of Crowd; nor will sessions be lost or validations failed. However, if you have lots of active sessions, and therefore lots of tokens, it can take some time to copy the token information. During this time, validation requests will be queued and Crowd will appear unresponsive to client applications. As a guide, below are some benchmarks of time taken to switch from one form of token storage to the other. The measurements were taken on a quad-core Mac Pro, using a lightly-loaded PostgreSQL database:
To switch the token storage location,
RELATED TOPICS
|
![]() |
Document generated by Confluence on May 08, 2008 19:37 |