In Identity server, you can find... PDP level caching... it means, there are three caches..
- Policy cache --> This is by default enable. All policies are stored in in-memory by default. You can not change any thing with this.
Decision cache --> This is by default enable. You can configure it (enable/disable and cache timeout) using
entitlement.properties
file which can be found at<IS_HOME>/repository/conf/security
directory.Attribute cache --> This is by default enable. You can configure it (enable/disable and cache timeout) using
entitlement.properties
file which can be found at<IS_HOME>/repository/conf/security
directory.
Policy and Decision caches are invalidated, when policy update is detected. Also there are Web service API to clear these caches.