AnsweredAssumed Answered

Access management based on user attribute is considering old value. Siteminder cache refresh issue

Question asked by sachinhegde on Feb 13, 2017
Latest reply on Feb 15, 2017 by Ujwol Shrestha

Hi,

we have a access condition based on user attribute value. i.e if x=0 grant access. we tried following test cases.

1. We tested policy with one value(X=0). since policy was configured to provide access. the user got access to the resource.

2. in the back end(CA directory-User Directory) we changed value x=1. when user tried to access same resource, policy did not take new value. user was getting access based on old value(x=0).

same was observed with value initially x=1 and then changed to x=0

After changing attribute in the back-end we waited for hours but siteminder kept taking old value. the only way we could clear old cache was to flush it or to restart policy server.


following are our queries.
1. We want to understand what is the reason Siteminder is not resolving attribute by comparing against User directory? is there a cache management at Siteminder, if so what is the cache refresh time?
2. If there is a default cache management, we want to understand the performance impact of changing default value.

 

Siteminder version 12.52 buildnumber 499 update 01.00

CA directory Version r12.0 SP14 (build 9140) Windows_NT/DXgrid 64-Bit

Ujwol

Outcomes