Reputation: 23
Q: How often is an LDAP user store refreshed in WSO2 Identity Server?
I am using WSO2 Identity Server 5.0.0. I have setup a primary read-only LDAP connection in user-mgt.xml. I created a new group on the LDAP server to assign permissions in the Roles section. The new group is not listed. How long does it take to refresh the LDAP groups and is there a way to force a refresh?
Upvotes: 1
Views: 668
Answers (1)
Reputation: 5821
Normally LDAP groups are read on-demand when it is listed down in the UI. If you have more then 1000 groups in the LDAP, then all the group would not be listed down in the UI.
If you mentioned about the roles under users.. It means that assigned roles for the users... Yes.. there is cache in WSO2IS called userRoleCache which will cache the roles for given user. This cache would be refreshed after 15min. Currently you can not configure this timeout value. If you want, you can completely disable the cache using following user store manager property (in user-mgt.xml file)
<Property name="UserRolesCacheEnabled">true</Property>
Upvotes: 2
Related Questions
- What is default WSO2IS user session timeout period
- What is the token refresh endpoint in WSO2 identity server to get new access token by refresh token
- WSO2 IS expose secondary user store as ldap
- WSO2 IS Create a secondary user store using internal LDAP
- Access/Refresh Token Usage
- WSO2 Identity Server Password Expiry
- wso2 identity server ldap browsing
- Refresh Token usage
- WSO2 Identity Server Authentication
- WSO2 Identity Server - LDAP user store not working