The following configuration allows to improve authentication speed when Logon Filter is used. You can configure the Logon Filter configuration file to decide that how often the logon filter connects to the Advanced Authentication server to update cache and cookie. Perform the following steps to configure the configuration file:
Go to ProgramData\NetIQ\LogonFilter\
Open the config.properties file.
Specify the following parameters in the configuration file:
config_cache_ttl_sec = 300
NOTE:In Advanced Authentication 6.0 and previous versions, Logon Filter queues the server configuration (repositories, MFA tags etc.) on every logon. From Advanced Authentication 6.1, Logon Filter queues the server configuration as per the specified value (by default 300 seconds). When the Advanced Authentication configuration is completed (all the Advanced Authentication Servers in cluster are configured, the MFA tags group are specified, the new repositories are not planned to be added), the value can be increased up to 3600 seconds.
cookie_cache_ttl_sec = 60
NOTE: In Advanced Authentication 6.0 and previous versions, Logon Filter validates cookies on Advanced Authentication Server on every logon. It can cause performance issues. From Advanced Authentication 6.1, Logon Filter supports caching of information provided by cookies. The default caching period is 60 seconds. It is sufficient for common deployment scenarios. In environments where the network connection is slow, the value can be increased. In this case, the administrator must monitor the memory usage because Logon Filter stores the cached cookies in RAM and that causes increased RAM usage.
Restart the operating system.