clear pdp cache

The clear pdp cache command clears all compiled XACML policies for an XACML PDP. To control the PDP cache, use the following properties.

Specify the TTL for the PDP.

During PDP configuration, use the cache-ttl command to specify a cache lifetime.

Use the XML manager.

When the PDP is for authorization, users can access the XML manager for the AAA policy with the clear xsl cache command. This command clears the compiled XACML policies for the XML manager that is associated with the AAA policy.

Use a URL refresh policy.

You can use a URL refresh policy whose match conditions match the internal URL xacmlpolicy:///pdpName to refresh the cache periodically.

• When PDP TTL is 0, the URL refresh policy controls cache refresh.
• For a no-cache URL refresh policy, XACML policies are never cached.
• For a protocol-specified URL refresh policy, the TTL of the PDP governs cache refresh unless its value is 0.
• For a default URL refresh policy with a refresh interval, the TTL of the PDP is ignored and the refresh interval governs cache refresh.
• For a no-flush URL refresh policy with a refresh interval, the greater of the refresh interval or the TTL of the PDP governs cache refresh.