I would like to see the ability to have SSPR clustered/load balanced to allow for HA or higher load capacity. It would also allow for easier management as we currently just have two nodes with the same configuration settings set on them and a load balancer in front of them. This works but we run into issues if persistence in the load balancer is not setup correctly or if a change is made to the configuration on one node and the change is missed on the other node. This basically doubles the management effort because all changes have to be made in two places each time a change it needed. This would get even worse the more nodes you have to have based on the load you are running.
currently we are using the SSPR appliance and access one of 4 available LDAP-Servers through a load balancer (we enabled stickiness of the connection like described above).
This is the only adversity we have:
We made the connections transparent to the LDAP-Backend to improve the debugging facilities. Therefore we need to add manually all LDAP server certificates even when they are made from the same CA.
This is annoying - It should be possible to add the CA-Cert only to trust all LDAP servers. If you are using the pure tomcat version instead of the appliance it works perfectly. But SLES it's not strategic to maintain OS and all the staff behind.