[mitreid-connect] Multiple instances connected to a single DB

Justin Richer jricher at mit.edu
Thu Jul 7 09:47:37 EDT 2016 

That's right -- as far as I'm aware (not having set it up myself but 
spoken to people who have) it's a purely Tomcat configuration.

  -- Justin


On 7/7/2016 9:36 AM, Luiz Omori wrote:
> Oh, I apologize. Indeed Introspection works with a common DB. The 
> failure was in my test code was pointing to the wrong second server.
>
> I will take a look at the sticky or replication session configuration 
> within Tomcat. As far as you know, that’s purely Tomcat, nothing 
> changes for MitreID and/or Spring, right?
>
> Regards,
> Luiz
>
> From: "yannick.beot at gmail.com <mailto:yannick.beot at gmail.com>" 
> <yannick.beot at gmail.com <mailto:yannick.beot at gmail.com>>
> Date: Thursday, July 7, 2016 at 3:04 AM
> To: Justin Richer <jricher at mit.edu <mailto:jricher at mit.edu>>
> Cc: Luiz Omori <luiz.omori at duke.edu <mailto:luiz.omori at duke.edu>>, 
> "mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>" 
> <mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>>
> Subject: RE: [mitreid-connect] Multiple instances connected to a single DB
>
> I agree : Introspection should work with a common DB.
>
> Session is more for the authentication part (CSRF, SSO, …)
>
> Envoyé de mon téléphone Windows 10
>
> *De : *Justin Richer <mailto:jricher at mit.edu>
> *Envoyé le :*jeudi 7 juillet 2016 02:24
> *À : *yannick.beot at gmail.com <mailto:yannick.beot at gmail.com>
> *Cc : *Luiz Omori <mailto:luiz.omori at duke.edu>; 
> mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
> *Objet :*Re: [mitreid-connect] Multiple instances connected to a single DB
>
> Yes, you will need to replicate your session information, but that’s 
> doable with Tomcat and other containers, and Spring should support it 
> fine.
>
> There’s no reason for introspection not to work in this configuration, 
> so I’m not sure what you’re talking about there. I’ve seen several 
> split deployments (multiple IdPs using multi-homed DNS and a common 
> DB, no load balancer) and introspection works perfectly in those 
> cases. Something else must be wrong if that broke.
>
>  — Justin
>
>     On Jul 6, 2016, at 6:49 PM, yannick.beot at gmail.com
>     <mailto:yannick.beot at gmail.com> wrote:
>
>     Hi,
>
>     It depends on your configuration but you should probably  use a
>     sticky session or replicate session data between your instances.
>
>     Envoyé de mon téléphone Windows 10
>
>     *De :*Luiz Omori <mailto:luiz.omori at duke.edu>
>     *Envoyé le :*mercredi 6 juillet 2016 22:42
>     *À :*mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     *Objet :*[mitreid-connect] Multiple instances connected to a single DB
>
>     Hi,
>
>     We have an use case that calls for having multiple servers running
>     in parallel in a load balancing fashion. All instances would be
>     connected to a single DB backend. Has anybody tried that? Any
>     potential problems you can think of? We know that all of them will
>     have to use the same ISSUER configuration otherwise, perhaps among
>     other things, introspection won’t work (we tested).
>
>     Regards,
>
>     Luiz
>
>     _______________________________________________
>     mitreid-connect mailing list
>     mitreid-connect at mit.edu <mailto:mitreid-connect at mit.edu>
>     http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>     <https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_mitreid-2Dconnect&d=CwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=Z8s9iJUyYBIaH58vNK0ro0apSv7au837UveAf9FC0gY&s=ziWD6Ha3X3woxxqu9zPDbEIzpDGa1IFpvzF5xzpxCT4&e=>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20160707/1311bd7d/attachment.html

More information about the mitreid-connect mailing list