Gluu Blog

Follow us:
Back to Blog

Managing cache in the Gluu Server

William L. April 10, 2019

Some organizations might find it helpful to configure their Gluu Server to issue longer user or client sessions. Longer sessions mean fewer authentications, which, in many circumstances, can offer a better user experience. For instance, Google re-authenticates users only as a last option.

But longer sessions introduce additional operational considerations, such as:

  • Increased entries in LDAP
  • More load on the VM resources, like memory and CPU
  • More stress on LDAP replication (if your servers are clustered).

In our latest release, Gluu Server 3.1.6, unused and expired cache and session related entries are periodically removed from oxAuth with a cleaningJob. This reduces unnecessary data from LDAP and generally improves the server’s performance.

However, if you are operating an earlier version of Gluu 3.1.x and have long-lived sessions configured for a large data set, cached data should be cleared manually.

The best and safest way to clear cache in 3.1.x is to backup and restore LDAP.

We’ve added instructions in our docs for both Gluu OpenDJ and OpenLDAP.

Note: this is a temporary workaround to make sure services don’t crash unexpectedly. The best solution is to upgrade to Gluu server 3.1.6, which handles cached sessions better out-of-the-box.

If you spot any issues with the docs or the process, open an issue on Gluu support or submit a pull request to our documentation on GitHub.

Thanks!

Be sure to subscibe to
our RSS Feed

William Lowe

As the marketing and operations leader at Gluu, Will works across channels to ensure the successful release of new products, features and services to Gluu's international community of identity & access management gurus!