[mitreid-connect] Multiple instances connected to a single DB
Luiz Omori
luiz.omori at duke.edu
Thu Jul 7 09:36:09 EDT 2016
Oh, I apologize. Indeed Introspection works with a common DB. The failure was in my test code was pointing to the wrong second server.
I will take a look at the sticky or replication session configuration within Tomcat. As far as you know, that’s purely Tomcat, nothing changes for MitreID and/or Spring, right?
Regards,
Luiz
From: "yannick.beot at gmail.com<mailto:yannick.beot at gmail.com>" <yannick.beot at gmail.com<mailto:yannick.beot at gmail.com>>
Date: Thursday, July 7, 2016 at 3:04 AM
To: Justin Richer <jricher at mit.edu<mailto:jricher at mit.edu>>
Cc: Luiz Omori <luiz.omori at duke.edu<mailto:luiz.omori at duke.edu>>, "mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>" <mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>>
Subject: RE: [mitreid-connect] Multiple instances connected to a single DB
I agree : Introspection should work with a common DB.
Session is more for the authentication part (CSRF, SSO, …)
Envoyé de mon téléphone Windows 10
De : Justin Richer<mailto:jricher at mit.edu>
Envoyé le :jeudi 7 juillet 2016 02:24
À : yannick.beot at gmail.com<mailto:yannick.beot at gmail.com>
Cc : Luiz Omori<mailto:luiz.omori at duke.edu>; mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>
Objet :Re: [mitreid-connect] Multiple instances connected to a single DB
Yes, you will need to replicate your session information, but that’s doable with Tomcat and other containers, and Spring should support it fine.
There’s no reason for introspection not to work in this configuration, so I’m not sure what you’re talking about there. I’ve seen several split deployments (multiple IdPs using multi-homed DNS and a common DB, no load balancer) and introspection works perfectly in those cases. Something else must be wrong if that broke.
— Justin
On Jul 6, 2016, at 6:49 PM, yannick.beot at gmail.com<mailto:yannick.beot at gmail.com> wrote:
Hi,
It depends on your configuration but you should probably use a sticky session or replicate session data between your instances.
Envoyé de mon téléphone Windows 10
De : Luiz Omori<mailto:luiz.omori at duke.edu>
Envoyé le :mercredi 6 juillet 2016 22:42
À : mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>
Objet :[mitreid-connect] Multiple instances connected to a single DB
Hi,
We have an use case that calls for having multiple servers running in parallel in a load balancing fashion. All instances would be connected to a single DB backend. Has anybody tried that? Any potential problems you can think of? We know that all of them will have to use the same ISSUER configuration otherwise, perhaps among other things, introspection won’t work (we tested).
Regards,
Luiz
_______________________________________________
mitreid-connect mailing list
mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>
http://mailman.mit.edu/mailman/listinfo/mitreid-connect<https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_mitreid-2Dconnect&d=CwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=Z8s9iJUyYBIaH58vNK0ro0apSv7au837UveAf9FC0gY&s=ziWD6Ha3X3woxxqu9zPDbEIzpDGa1IFpvzF5xzpxCT4&e=>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20160707/7b48f9ea/attachment-0001.html
More information about the mitreid-connect
mailing list