The Maximum Caching Time property of the session service currently has the description:
Maximum time before OpenAM refreshes a session that has been cached, in minutes.
However, as a result of a recent investigation we have confirmed that this value is not used as described by the help text.
The value is an 'informational' value which is to be used by external clients of the session service as a guide for how long they should cache the value before refreshing the session from the session service. This is confirmed in the following ways:
- Usage of the value com.sun.identity.shared.Constants#APPLICATION_SESSION_MAX_CACHING_TIME is only for storing the configuration value inside the Session (this behaviour is unchanged from AM 5)
- Confirmation that Agents 4 consumed the value which is rendered as maxcaching in the PLL response for a Session
- Sun OpenSSO Session Architecture document which provides the following explanation:
It is important to understand that values of the most of the attributes and properties are controlled
by the modules outside of the Session Service framework (primarily determined by the
Authentication Service). The Session Service framework takes on the passive role of providing the
storage for session information and enforcing some of the time-dependent behavior (e.g.,
invalidating and destroying sessions which exceeded their maximum Idle time or maximum session
Instead we propose the following as an alternative wording for the value:
Maximum time that external clients of AM should cache the session for, in minutes.