Security Settings
This page outlines how to configure credential caching, key encryption, and secure credential handling in NCache.
Enable Credential Caching
NCache offers Credential Caching where the authenticated user's credentials are stored in the cache to avoid repeated authentications during life of the process. This feature is disabled by default. To enable it, update the NCacheServer.EabaleCredentialCaching tag to true:
<add key="NCacheServer.EnableCredentialCaching" value="false"/>
Key Encryption Key
The Key Encryption Key (KEK) is used to encrypt the Data Encryption Key (DEK), which secures the actual cache data. It must be specified as a 32-byte hexadecimal string and configured consistently across all cache servers and remote clients in a distributed environment. To add or change KEK, update the NCache Service configuration file using the following key-value pair:
<add key="NCacheServer.KeyEncryptionKey" value="[Valid AES 256 KEY]"/>
Credentials Encryption Key
The Credentials Encryption Key (CEK) is used to encrypt user credentials stored in the NCache client configuration file. It helps secure sensitive information against unauthorized access. CEK must be a 32-byte hexadecimal string, and should be configured identically across all cache servers. To add or change CEK, update the NCache Service configuration file using the following key-value pair:
<add key="NCacheServer.CredentialsEncryptionKey" value="[Valid AES 256 KEY]"/>
