Some organizations might find it helpful to configure their Gluu Server to issue longer user or client sessions. Longer sessions mean fewer authentications, which, in many circumstances, can offer a better user experience. For instance, Google re-authenticates users only as a last option.
But longer sessions introduce additional operational considerations, such as:
- Increased entries in LDAP
- More load on the VM resources, like memory and CPU
- More stress on LDAP replication (if your servers are clustered).
In our latest release, Gluu Server 3.1.6, unused and expired cache and session related entries are periodically removed from oxAuth with a
cleaningJob. This reduces unnecessary data from LDAP and generally improves the server’s performance.
However, if you are operating an earlier version of Gluu 3.1.x and have long-lived sessions configured for a large data set, cached data should be cleared manually.
The best and safest way to clear cache in 3.1.x is to backup and restore LDAP.
Note: this is a temporary workaround to make sure services don’t crash unexpectedly. The best solution is to upgrade to Gluu server 3.1.6, which handles cached sessions better out-of-the-box.
Subscribe to Get News and Product Updates
our RSS Feed