Access Control dynamically verifies the cumulative capabilities for external users at each logon by fetching the data from the external directories. To assign capabilities to external users, you can assign roles to these users or add external users to groups with roles. The external users might take a long time to logon if they are part of multiple groups. You can reduce the user logon time by caching the group membership data for the external users for the hours you specify in the group.cache.duration
parameter. Any external directory changes during this duration are reflected at next logon after the specified hours end.
To improve the user logon time:
\tomcat\webapps\securitymanager\WEB-INF\securitymanager.properties
file:refresh.groups.at.logon=
false
group.cache.duration=
n
where n is the number of hours until the group membership data is cached.
Note: When refresh.groups.at.logon=true
, the dynamic refresh at logon is enabled and the group.cache.duration
parameter is disregarded. By default refresh.groups.at.logon
is set to true.