IBM Security Verify


Speed things up when using oauth-auth in ISVA10.0.3.1

  • 1.  Speed things up when using oauth-auth in ISVA10.0.3.1

    Posted Mon June 13, 2022 04:33 AM
    Hi All,

    I am using oauth-auth in order to give mobile users access to protected resources.
    I noticed in the logs that the token is validated against the introspect endpoint for every request.
    The introspect endpoint is outside of my organisation.

    I wanted to speed things up. So I've enabled the following config setting:
    [session]
    max-entries = 4096
    timeout = 900
    inactive-timeout = 900
    [session-http-headers]
    Authorization = https

    I expected the token validation to take place once per 900 secs, but still the token is validated against the introspect endpoint for every request.
    And yes, the device is sending the same token.

    Can someone point me in the right direction?

    Regards,
    Paul van den Brink

    ------------------------------
    Paul van den Brink
    ------------------------------


  • 2.  RE: Speed things up when using oauth-auth in ISVA10.0.3.1

    Posted Mon June 13, 2022 04:18 PM

    Paul,

    You will also need to set the 'require-mpa' field within the '[session]' stanza to 'no', otherwise WebSEAL will not pay attention to the HTTP session header.

    I hope that this helps.

    Thanks.


    Scott A. Exton
    Senior Software Engineer
    Chief Programmer - IBM Security Verify Access

    IBM Master Inventor

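
A configuration check for the point made in the reply, as an added example that is not part of the original thread and not IBM code. The function names and the two sample texts are constructed for illustration; treating an absent `require-mpa` as `yes` and accepting only `http`/`https` as transport values are assumptions of this sketch.

```python
import configparser

# Constructed sample: the stanzas quoted in the question.
SAMPLE_BEFORE = """\
[session]
max-entries = 4096
timeout = 900
inactive-timeout = 900
[session-http-headers]
Authorization = https
"""

# Constructed sample: the same text with the change suggested in the reply.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "[session]\n", "[session]\nrequire-mpa = no\n", 1)


def load(text):
    """Parse stanza text, keeping key case so header names stay intact."""
    cp = configparser.ConfigParser(strict=False, interpolation=None,
                                   comment_prefixes=("#",))
    cp.optionxform = str
    cp.read_string(text)
    return cp


def check_header_sessions(text):
    """Return findings; an empty list means the header can key the session."""
    cp = load(text)
    headers = {}
    if cp.has_section("session-http-headers"):
        headers = dict(cp["session-http-headers"])
    if not headers:
        return ["no [session-http-headers] entries: no header keys a session"]
    findings = []
    # Assumption: an absent require-mpa is treated as 'yes'.
    mpa = cp.get("session", "require-mpa", fallback="yes").strip().lower()
    if mpa != "no":
        findings.append(f"[session] require-mpa = {mpa}: "
                        f"session headers {sorted(headers)} are ignored")
    for name, transport in headers.items():
        if transport.strip().lower() not in ("http", "https"):
            findings.append(f"[session-http-headers] {name} = {transport}: "
                            "unexpected transport value")
    return findings


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, check_header_sessions(text) or "ok")
```

Once the header keys the session, a token is validated against the introspect endpoint only when a new session is created, so a token revoked there keeps working until the session times out (900 seconds in the settings above).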