Name Value, Propagation | IBM 6.1.X manual

S E C U R I T Y A T T R I B U T E P R O P A G A T I O N

To reduce the Security Attribute Propagation (SAP) overhead, please use a custom property 'disable Callerlist'. If SAP is not used, you can disable that, to remove the extra overhead to improve the login performance.

If Subject has not been customized, then there is no need to enable Security Attribute Propagation. Security Attribute Propagation can add extra overhead due to some extra processing that is required. However, there are certain configurations where performance might be better with security propagation enabled due to reduction of remote registry calls. See the WebSphere 6.1 InfoCenter (search for 'security attribute propagation') for a discussion of when propagating security attributes is desirable. If you want to enable SAP for functional reasons, you can improve the performance with CallerList tuning mentioned below.

These settings apply to all platforms.

How to Set: In the WebSphere Administrative Console: Security->Secure Administration, Applications, and Infrastructure -> Custom properties ->

Table 2: WebSphere Security Attribute Propagation Settings

	Security	Name	Value
	Attribute	Name	Value
	Attribute
	Propagation	com.ibm.CSI.disablePropagationCallerList	true
		com.ibm.CSI.disablePropagationCallerList	true

		com.ibm.CSI.rmiOutboundPropagationEnabled	false

		com.ibm.CSI.rmiInboundPropagationEnabled	false

		com.ibm.ws.security.webInboundPropagationEnabled	false

For com.ibm.CSI.disablePropagationCallerList create a new property, for the other 3 properties, modify their value to “false”.

Note to WAS 7:

In our WAS 7 environment, we add com.ibm.CSI.disablePropagationCallerList = true, and use the other 3 default true attributes. For was7, this field is accessed through: Security->Global Security ->CustomProperties->New.

1 0

W E BS P HE R E P O R T AL V 6 . 1 T U N I N G G U I D E

Image 15

IBM 6.1.X manual Name Value, Propagation

Contents

IBM WebSphere Portal software family Your world. Your way IBM WebSphere Portal Contents Web Server Tuning Portlet Caching General Information Figures About this Document Performance Tuning Overview Environment Considerations Base Portal Tuning How to get to Admin Console Application Server Tuning Initial 1792 2048 ParameterLinux Solaris Windows 2003 POWER5 Parameter Value Additional Information New Area Size Xmn320m Xmn256m Xmn768m Xmn1024m Timeout Session MinutesWeb Container Thread pool Size Propagation Name Value Context Pool Setting Default Value How to Set Default Value Definition Used WebSphere Portal Services G I S T R Y S E R V I C E Cache Name Default Value Value Used Database Database name Datasource name Database Tuning 2 O N a I X S E T U P Db2 reorgchk update statistics on table all Db2 reorgchk current statistics on table all reorgchk.txt A C L E D a T a B a S E S E R V E R T U N I N G Parameter Value AIXTHREADSCOPE=S Execute Db2 update db config for idsldap using dbheap Directory Server Tuning Linux Windows Additional Information Web Server Tuning MinSpareThreads MaxSpareThreads Operating System Tuning N U T W O R K T U N I N G How-to-Setndd -set /dev/tcpPARAMETER Value L a R I S C O N T a I N E R Maxthreadtasks Required Fixes JVM Initial and Maximum Heap Size WEB 2.0 Theme TuningNavigator Service Properties Parameter Setting Used Caching Proxy Tuning Parameter Setting Used Additional InformationInternet Explorer Support of Vary Header # set cache-control public for various static content # uncommented these to enable statics to be cached ExpiresActive On Portlet Caching Many Pages Tuning DB2 Database TuningRelease DB Parameter Cache Manager Service WEB Content Management Tuning Cache Name WebSphere Portal Service Properties WCM Object Cache JCR Text Search WCM Configuration Service DB2 Tuning Authoring Environment DB2 BP4 Cache Manager Service Properties Composite Applications Tuning Composite Applications Best Practices BS P HE R E P O R T AL V 6 T U N I N G G U I D E Value true Cluster Tuning How-To Set ThreadLimit ServerLimit Parameter Setting Additional Details Session Persistence To Database Tuning Vertical Cluster Tuning IBM Tivoli Directory Server Tuning Improving Portal Startup Performance Other Performance Tuning Options Managing the Retrieval of User Attributes BS P HE R E P O R T AL V 6 T U N I N G G U I D E Use of Dynamic Content Features Real-World Network Considerations BrowserMatch Mozilla/4 gzip-only-text/html General Information Websphere Portal Caches BS P HE R E P O R T AL V 6 T U N I N G G U I D E BS P HE R E P O R T AL V 6 T U N I N G G U I D E Pattern invalidation checking Cache Usage Patterns Cache Instances Com.ibm.wps.ac.PermissionCollectionCache Portal Access Control Cache Hierarchy Com.ibm.wps.ac.RolesCache Com.ibm.wps.ac.AccessControlUserContextCacheCom.ibm.wps.ac.ProtectedResourceCache Com.ibm.wps.ac.OwnedResourcesCache Com.ibm.wps.ac.ExternalOIDCache Com.ibm.wps.ac.ChildResourcesCache Com.ibm.wps.ac.ApplicationRoleOIDCacheCom.ibm.wps.ac.ApplicationRoleDescriptorCache Com.ibm.wps.puma.DNOIDCache / com.ibm.wps.puma.OIDDNCache Com.ibm.wps.ac.ApplicationRolesForPrincipalCacheCom.ibm.wps.ac.ContainedRolesCache Com.ibm.wps.ac.ApplicationRoleChildrenCache Com.ibm.wps.datastore.PortalIdCache.vpPerLpid.cache Com.ibm.wps.datastore.PortalIdCache.explicitLpidPerVPCom.ibm.wps.datastore.pageinstance.OIDCache Com.ibm.wps.datastore.pageinstance.DynamicNodeCache Com.ibm.wps.datastore.pageinstance.DerivationCache Com.ibm.wps.model.factory.SimpleCacheKey Com.ibm.wps.model.content.impl.ResourceCache Com.ibm.wps.model.factory.ContentModelCache.live Com.ibm.wsp.mode.content.impl.TopologyCache Com.ibm.wps.model.factory.URLMappingCache.live Com.ibm.wps.model.factory.ContentModelCache.isolated Com.ibm.wps.model.factory.MultiModelCache.isolated Com.ibm.wps.model.content.impl.DynamicLoadCacheCom.ibm.wps.model.factory.URLMappingCache.isolated Com.ibm.wps.model.factory.MultiModelCache.live Wps.mappingurl.LookupCache Com.ibm.wps.services.vpmapping.VirtualPortalIDToRealmCacheCom.ibm.wps.model.impl.RuntimeClientMap.userAgent2client Wps.mappingurl.ContextsCache Com.ibm.wps.services.vpmapping.VirtualPortalIDToURLCache Com.ibm.wps.services.vpmapping.URLToVirtualPortalIDCacheWsrp.cache.portletdescription Wsrp.cache.portlet.window Wsrp.cache.servicedescriptionWsrp.cache.portlet.instance Wsrp.cache.producer.user Wp.te.transformationAssociationCache Wsrp.producer.portletpool.popsWsrp.producer.portletpool.ccps Processintegration.PendingTasksCache Com.ibm.wps.policy.services.UserPolicyNodeCacheManager Com.ibm.wps.policy.services.PolicyCacheManager Com.lotus.cs.services.directory.wmm.WMMDirectoryService Com.lotus.cs.services.UserEnvironmentCom.lotus.cs.services.domino.DominoService Wp.xml.configitems Com.ibm.wps.pe.portletentityPortletMenuCache Com.ibm.workplace.searchmenu.helper.SearchMenuCacheHelper RegistryService Example Scenarios BS P HE R E P O R T AL V 6 T U N I N G G U I D E R T a L S W I T H L O N G S E S S I O N T I M E O U T S BS P HE R E P O R T AL V 6 T U N I N G G U I D E WCM Cache Instances WEB Content Management CachesServices/cache/iwk/strategy WCM Item caching Services/cache/iwk/objectsummary WCM Summary Services/cache/iwk/module Services/cache/iwk/processing Advanced and Resour cesServices/cache/iwk/session Session Services/cache/iwk/missed Missed Items Services/cache/iwk/menu MenuServices/cache/iwk/nav Navigator Services/cache/iwk/abspath Absolute path Services/cache/iwk/libparent Library Parent Services/cache/iwk/draftSummary Draft SummaryUser cache Appendix A. References Lee Backstrom, Document Coordinator Mark Alkins, Manager BS P HE R E P O R T AL V 6 T U N I N G G U I D E