<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 5 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=FR link=blue vlink="#954F72"><div class=WordSection1><p class=MsoNormal>I agree : Introspection should work with a common DB.</p><p class=MsoNormal>Session is more for the authentication part (CSRF, SSO, …)<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Envoyé de mon téléphone Windows 10</p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><div style='mso-element:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal style='border:none;padding:0cm'><b>De : </b><a href="mailto:jricher@mit.edu">Justin Richer</a><br><b>Envoyé le :</b>jeudi 7 juillet 2016 02:24<br><b>À : </b><a href="mailto:yannick.beot@gmail.com">yannick.beot@gmail.com</a><br><b>Cc : </b><a href="mailto:luiz.omori@duke.edu">Luiz Omori</a>; <a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a><br><b>Objet :</b>Re: [mitreid-connect] Multiple instances connected to a single DB</p></div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'>Yes, you will need to replicate your session information, but that’s doable with Tomcat and other containers, and Spring should support it fine.</span><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p></o:p></span></p><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'>There’s no reason for introspection not to work in this configuration, so I’m not sure what you’re talking about there. I’ve seen several split deployments (multiple IdPs using multi-homed DNS and a common DB, no load balancer) and introspection works perfectly in those cases. Something else must be wrong if that broke.<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'> — Justin<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'>On Jul 6, 2016, at 6:49 PM, <a href="mailto:yannick.beot@gmail.com">yannick.beot@gmail.com</a> wrote:<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><div><div><p class=MsoNormal>Hi,<o:p></o:p></p></div><div><p class=MsoNormal><span lang=EN-US>It depends on your configuration but you should probably use a sticky session or replicate session data between your instances.</span><o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div><div><p class=MsoNormal>Envoyé de mon téléphone Windows 10<o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'> </span><o:p></o:p></p></div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><div><p class=MsoNormal><b>De :<span class=apple-converted-space> </span></b><a href="mailto:luiz.omori@duke.edu"><span style='color:#954F72'>Luiz Omori</span></a><br><b>Envoyé le :</b>mercredi 6 juillet 2016 22:42<br><b>À :<span class=apple-converted-space> </span></b><a href="mailto:mitreid-connect@mit.edu"><span style='color:#954F72'>mitreid-connect@mit.edu</span></a><br><b>Objet :</b>[mitreid-connect] Multiple instances connected to a single DB<o:p></o:p></p></div></div><div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt'>Hi,</span><o:p></o:p></p></div><div><div><p class=MsoNormal><span style='font-size:10.5pt'> </span><o:p></o:p></p></div></div><div><div><p class=MsoNormal><span style='font-size:10.5pt'>We have an use case that calls for having multiple servers running in parallel in a load balancing fashion. All instances would be connected to a single DB backend. Has anybody tried that? Any potential problems you can think of? We know that all of them will have to use the same ISSUER configuration otherwise, perhaps among other things, introspection won’t work (we tested).</span><o:p></o:p></p></div></div><div><div><p class=MsoNormal><span style='font-size:10.5pt'> </span><o:p></o:p></p></div></div><div><div><p class=MsoNormal><span style='font-size:10.5pt'>Regards,</span><o:p></o:p></p></div></div><div><p class=MsoNormal><span style='font-size:10.5pt'>Luiz</span><o:p></o:p></p></div><div><p class=MsoNormal> <o:p></o:p></p></div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif'>_______________________________________________<br>mitreid-connect mailing list<br><a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a><br><a href="http://mailman.mit.edu/mailman/listinfo/mitreid-connect">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</a></span><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p></o:p></span></p></div></blockquote></div></div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>