Data storage and multiple service provider instances for failover

  • Data storage and multiple service provider instances for failover

    Hi,

    I am investigating running two instances of the same SAML SP on two Tomcat nodes for load-balancing and failover purposes.

    Does your implementation store data only against the session or does it store data in other locations?

    I need to figure out whether configuring session replication between the two Tomcat nodes is sufficient or whether there are other data storage locations that I need to worry about.

    Thanks.

  • #2
    Hi,

    Storage of SAML-specific data which is required between requests is abstracted to the SAMLMessageStorage interface and the default implementation uses HttpSession. So session replication is all you need for failovers.

    Make sure to set forcePrincipalAsString to true in the SAMLAuthenticationProvider or provide your own SAMLUserDetailsService which returns a Serializable object. With forcePrincipalAsString false (default setting for backward compatibility reasons) you can end up with a non-serializable NameID object in your session.

    Cheers, Vladi
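
An added example, not part of the original posts and not code from the SAML extension: a plain-Java check that tries to serialize every session attribute, which is how a non-serializable principal would surface before a failover does. `FakeNameId`, `FakeAuthentication` and the attribute names are hypothetical stand-ins constructed for this sketch; in a servlet application the map would be filled from `HttpSession.getAttributeNames()` and `getAttribute()`.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class SessionReplicationCheck {

    // Stand-in for a non-serializable principal such as the NameID object
    // mentioned above (hypothetical class, constructed for this example).
    static class FakeNameId {
        final String value;
        FakeNameId(String value) { this.value = value; }
    }

    // Stand-in for an authentication holder: Serializable itself, but only
    // replicable if the principal it wraps is Serializable too.
    static class FakeAuthentication implements Serializable {
        private static final long serialVersionUID = 1L;
        final Object principal;
        FakeAuthentication(Object principal) { this.principal = principal; }
    }

    // Returns the attributes that cannot be written with Java serialization.
    // The whole object graph is walked, so nested offenders are caught too.
    static List<String> findNonReplicable(Map<String, Object> attributes) {
        List<String> failures = new ArrayList<>();
        for (Map.Entry<String, Object> e : attributes.entrySet()) {
            try (ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream())) {
                out.writeObject(e.getValue());
            } catch (IOException ex) { // includes NotSerializableException
                failures.add(e.getKey() + " -> " + ex);
            }
        }
        return failures;
    }

    public static void main(String[] args) {
        Map<String, Object> session = new LinkedHashMap<>(); // constructed sample data
        // Principal held as a String (the forcePrincipalAsString=true case).
        session.put("authWithStringPrincipal", new FakeAuthentication("alice@example.org"));
        // Principal held as a non-serializable object (the default-setting case).
        session.put("authWithObjectPrincipal", new FakeAuthentication(new FakeNameId("alice@example.org")));
        findNonReplicable(session).forEach(System.out::println);
    }
}
```

Running the same check against real session contents after a test login on one node shows whether the replicated session can be restored on the other.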


    • #3
      Vladi,

      That's great and thanks for the details.

      Ray
