Anonymous_User Absent Member.
Absent Member.
385 views

Configuring session failover


Hello,

We have a cluster with 2 identity servers. We configured the session
failover as outlined in the documentation. We set IDP Failover Peer
Server Count to 1.

To test the configuration we do this:
- we start the the first server and stop the second one
- we access the url of the application
- the load balancer redirect us on the first server
- we start the second server then authenticate
- we stop the first server and the identity server ask us to
re-authenticate

Is there additionnal configuration to do on servers?

Regards


--
moularbi
------------------------------------------------------------------------
moularbi's Profile: https://forums.netiq.com/member.php?userid=1196
View this thread: https://forums.netiq.com/showthread.php?t=47910

0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Configuring session failover


moularbi;230198 Wrote:
> Hello,
>
> We have a cluster with 2 identity servers. We configured the session
> failover as outlined in the documentation. We set IDP Failover Peer
> Server Count to 1.
>
> To test the configuration we do this:
> - we start the the first server and stop the second one
> - we access the url of the application
> - the load balancer redirect us on the first server
> - we start the second server then authenticate
> - we stop the first server and the identity server ask us to
> re-authenticate
>
> Is there additionnal configuration to do on servers?
>
> Regards


Did you setup your AG ESP stuff?

> All trusted Embedded Services Providers need to be configured to send
> the attributes used in Form Fill and Identity Injection policies at
> authentication. If you use any attributes other than the standard
> credential attributes in your contracts, you also need to send these
> attributes. To configure the attributes to send, click Devices >
> Identity Servers > Edit > Liberty > [Name of Service Provider] >
> Attributes.



--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=47910

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Configuring session failover


kjhurni;230202 Wrote:
> Did you setup your AG ESP stuff?


Yes, we configured ESP to send attributes.

Is there additional configuration to do on the load-balancer?


--
moularbi
------------------------------------------------------------------------
moularbi's Profile: https://forums.netiq.com/member.php?userid=1196
View this thread: https://forums.netiq.com/showthread.php?t=47910

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Configuring session failover


moularbi;230220 Wrote:
> Yes, we configured ESP to send attributes.
>
> Is there additional configuration to do on the load-balancer?


Depends. The docs mention that if your load balancer is doing any sort
of NAT/PAT, you need to do additional items.


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=47910

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Configuring session failover


kjhurni;230421 Wrote:
> Depends. The docs mention that if your load balancer is doing any sort
> of NAT/PAT, you need to do additional items.


Ok. Thanks!


--
moularbi
------------------------------------------------------------------------
moularbi's Profile: https://forums.netiq.com/member.php?userid=1196
View this thread: https://forums.netiq.com/showthread.php?t=47910

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.