Abbreviations, used in manual:
AD - Active Directory
General explanation:
- The User's permissions cache significantly enhances performance. It stores specific User's detailed permissions in a *.json encrypted file.
- When quilliup is running in AD mode, the permissions cache is accessed every time a user performs an action in the quilliup UI.
- When quilliup is up in applicative mode, the permissions cache is accessed less often, because applicative mode has session timeout value.
- Loading user permissions without a cache can be time-consuming. therefore, it is highly recommended to use the permissions cache.
- The permissions cache keeps data in an encrypted format in a related *.json file per quilliup user.
- Such *.json files are updated according to a time-relevant parameter in quilliup's configuration file.
- The location of *.json files: quilliup/Tomcat folder -> "permCacheFiles" folder -> tenant name folder -> user's name.json file.
Pay attention to two possible cases:
Case 1 - your quilliup version is lower than 2.7.2, follow the next steps to set up permissions cache:
a. Go to the quilliup configuration file "..\quilliup\webapps\ROOT\WEB-INF\classes\config.properties".
b. Make sure that the parameter "cache.perm" is set to true ("cache.perm=true").
c. Search for the parameter "perm.refresh.minutes" and set it to the required value in minutes.
Note: the *.json file (per each user separately) will be recreated/updated if it's older than the parameter's "perm.refresh.minutes" value.
Case 2: Your quilliup version is 2.7.2 and upper, follow the next steps to set up permissions cache:
1. In quilliup UI go to the Administration module: "System Admin -> System Settings -> General Settings -> System Properties":
Utilize the User Permissions Cache Process - when marked true the users' cache is active.
User Permissions Cache Duration (minute) - set cache lifetime in minutes.
You can follow the Example below for more information.
2. After enabling the User Permission cache, you can control each specific user's cache in the Users/Groups grid in the Administration module:
For Users - "System Admin -> User management -> Users":
Clear button - the current *.json file will be deleted, and a new *.json file will be created only when a user accesses the quilliup UI.
Update button - the current *.json file will be recreated immediately.
For Groups - "System Admin -> User management -> Groups":
Note: once you've created a Group in quilliup UI, quilliup will automatically create a *.json file for all the Users in the Group, and the following rules are applied for all of them:
Clear button - the current *.json file will be deleted for all the Users in the Group, and a new *.json file will be created for each Group's User separately, when the User accesses quilliup next time.
Update button - all the *.json files for all the Group's Users will be recreated/updated.
Additional important notes:
- If the *.json file for a specific User doesn’t exist yet , it will be created (permissions cache will be fully loaded and it's data will be saved in the file).
- If *.json file for a specific User exists but it's outdated (older than a perm.refresh.minutes parameter's value), then the content of the existing *.json file will be shown and at the same time *.json will be updated by fully reloading User's permissions in an asynchronous manner.
- If *.json file for a specific User exists and isn't outdated (isn’t older than a perm.refresh.minutes parameter value), then user's permissions will be loaded from the *.json file and the file won't be updated.
Example: when permissions cache is on and the perm.refresh.minutes parameter is set to 60 minutes, and the User worked for only 55 minutes (namely, after 5 minutes he finished working), the *.json file won't be updated automatically after 60 minutes - it will be updated only the next time the user will access quilliup.
This process will guarantee the best practice in terms of system performance.
Comments
0 comments
Please sign in to leave a comment.