In a medium to large environment, you might have 50 or more clients accessing the server concurrently. To prevent operational failures, you should configure the session time-out and maximum number of open files to support your environment.
The session time out represents the amount of time a user can leave a page unattended in his or her Web browser before the server causes a session-time-out warning dialog box to appear. This value should be tuned to match the server and usage environment in which the application runs. In general, the session time out should be as short as practicable. If business requirements can tolerate a 5-minute session time out, this would allow the server to release unused resources twice as early as it would if the time-out value were 10 minutes. This improves performance and scalability of the Web application.
Consider the following when adjusting the session time out:
Long session time-outs can cause the Tomcat server to run out of memory if many users log in over a short period of time. This is true of any application server that has too many open sessions.
We recommend a timeout of three to five minutes for best performance.
When a user logs in to the identity applications, an LDAP connection is created for the user and bound to the session.Thus, the more sessions that are open, the greater the number of LDAP connections that are held. The longer the session time out, the longer these connections are held open. Too many open connections to the LDAP server (even if they are idle) can cause system performance degradation.
In addition to a short time-out interval, we recommend that you increase the number of
If the server starts experiencing out-of-memory errors, and the JVM heap and garbage collection tuning parameters have already been optimally tuned for the server and usage environments, consider lowering the session time out.
You can modify the session time out after installation by changing this value in the web.xml file in the IDMProv.war archive followed by a configuration update.
Lowering the session time-out decreases the number of LDAP connection threads, which improves performance. You can further improve performance by increasing the maximum number for open files on the Linux server. For example, increase the maximum number of open files on the server to 35,000.