2 Replies Latest reply on Mar 22, 2011 12:04 PM by Jon Scholten

    Transparent Bridge Authentication and TTL

    ittech

      There are 2 steps in autheticating when using Transparent Bridge Mode (please forgive me if I screw up the explaination)

       

      1. Redirecting to the Authentication Server

       

      2. Requesting Authentication from your Database

       

      Both steps have a TTL. In this example let's say Step 1 has a "Session TTL for the authentication server" of 3600 seconds and Step 2 has an "Authentication cahce entry TTL" of 60 minutes. Both TTLs are an hour.

       

      My question is do both TTLs have to match?  What would happen if they didn't?

        • 1. Re: Transparent Bridge Authentication and TTL
          jont717

          I use the same authentication setup.  As far as I can  tell, only the first TTL is what matters anyway when using this setup. 

           

          If the first authentication is set to 1 hour, and the user is in within that time, then the second request never happens anyway. 

           

          We have ours set to 8 hours. They authenticate once in the morning and that is it all day.  So we only hit number 1 + 2 in the morning, and then never hit 2 again all day. 

          1 of 1 people found this helpful
          • 2. Re: Transparent Bridge Authentication and TTL
            Jon Scholten

            Jonathan is correct, Session TTL for the auth server is how long you will be authenticated for with the auth server. (How often your users would authenticate)

             

            The second is to cache the group information, so if it is set to 60 minutes, this means it will look up X user's group information every 60 minutes. (How often to look up the user's group info)

             

            Both do not need to match.

             

            ~Jon