Changing the Amlen WebUI authentication cache timeout
The authentication cache timeout specifies how long an authenticated credential in the cache is valid. By default, the authentication cache timeout is set to 60 seconds. You can change this timeout by using the Web UI Settings page.
With the default value of 60 seconds, the password of a user is kept in the cache for 60 seconds. If the password is checked within the 60-second time period, the check is done against the cached password, not the password that is stored on Eclipse Amlen. If a user changes the password while the old password is in the cache, the old password works until the cached password reaches the timeout.
Specifying a larger value for the authentication cache timeout can increase the security risk because a revoked credential remains in the cache for longer. Specifying a value that is too small might affect performance because the user registry must be accessed more frequently. Consider specifying a value that is no more than one third of the LTPA token expiration value.
-
Go to the Web UI Settings page:
- From the Web UI menu, click Web UI Security. The Web UI Settings page is displayed.
- From the Authentication Cache Timeout pane:
- Enter a value into the Authentication Cache Timeout field. This value is the timeout period, in seconds. The value can be any value in the range of 1-3600.
- Click Save.