Changes between Version 3 and Version 4 of IdpOverview


Ignore:
Timestamp:
07/08/11 14:49:52 (13 years ago)
Author:
jpmitchell@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • IdpOverview

    v3 v4  
    99The Shibboleth implementation runs in a Java web container. The UA installation is running on Tomcat 6.x support by Java 1.6. It is installed in the /opt/shibboleth-idp and /opt/tomcat directories. We are not using the Red Hat supplied Tomcat as it is currently only at version 5.x for RHEL 5.x which is the supporting OS. 
    1010 
    11 Load balancing is performed via a hardware appliance built by Coyote Point. The https://idp.alaska.edu service URL is bound to the load balancer which utilizes some form of NAT to rewrite packets and send them to the servers that are actually running the Shibboleth service. Currently the load balancer is providing fail over for the two production boxes in a master/hot-standby configuration. This is due to the nature of sessions in SAML and how state is managed in Shibboleth. Currently if one production server goes down the load balancer will shift load to the other production server and SSO sessions are lost for users. Current application sessions (SPs) are maintained in the applications, so users can still access current applications but will be forced to login again to new applications. 
     11Load balancing is performed via a set of hardware appliances built by Coyote Point configured in a master/slave redundant pair. The https://idp.alaska.edu service URL is bound to the load balancer which utilizes some form of NAT to rewrite packets and send them to the servers that are actually running the Shibboleth service. Currently the load balancer is providing fail over for the two production boxes in a master/hot-standby configuration. This is due to the nature of sessions in SAML and how state is managed in Shibboleth. Currently if one production server goes down the load balancer will shift load to the other production server and SSO sessions are lost for users. Current application sessions (SPs) are maintained in the applications, so users can still access current applications but will be forced to login again to new applications. 
    1212 
    1313References:[[br]]