Security cache

For performance reasons, Content Platform Engine caches information on users, groups, and realms returned by the directory service.

Cached security information can become stale as a result of changes made to the directory server. Each collection of users, groups and realms is subject to a Time to Live (TTL). From the time that a collection is first retrieved until the TTL interval has elapsed, requests for the same collection will return the cached information. Once the TTL has elapsed, the cached information will be discarded and fresh data will be obtained from the directory server.

Cache staleness can have the following effects:

• Recently added users, groups, or realms will not be visible in the relevant collections.
• Recently deleted users, groups, or realms will appear to be still present until the credentials cache refreshes.
• Updates to user or group information (for example, changed display name) will not be visible.

Staleness does not affect the ability to use a recently added user or group name in programmatic calls, nor to log in as a recently added user. Also, staleness does not compromise the security of objects. Content Platform Engine has several default TTL settings.