PingFederate Server

Using custom solutions for persistent session storage

The PingFederate SDK supports custom storage for persistent authentication sessions.

Steps

  1. Implement the SessionStorageManager interface.

    For more information, see the Javadoc for the SessionStorageManager interface. The Javadocs for PingFederate are in the <pf_install>/pingfederate/sdk directory.

  2. Edit the <pf_install>/pingfederate/server/default/conf/service-points.conf file:

    1. Go to the # Service for storing Authentication Sessions section.

      # Service for storing Authentication Sessions.
      # Supported classes:
      #   org.sourceid.saml20.service.session.data.impl.SessionStorageManagerJdbcImpl : Use this service-point for a Jdbc implementation.
      #   org.sourceid.saml20.service.session.data.impl.SessionStorageManagerLdapImpl : Use this service-point for an LDAP implementation.
      #   org.sourceid.saml20.service.session.data.impl.SessionStorageManagerDynamoDBImpl : Use this service-point for a DynamoDB implementation.
      session.storage.manager=org.sourceid.saml20.service.session.data.impl.SessionStorageManagerJdbcImpl
    2. Change the value of the session.storage.manager service to the name of your class.

    For a clustered PingFederate environment, you must edit the service-points.conf file on each node manually because cluster replication can’t replicate this change to other nodes.

  3. Deploy the required program files of your custom implementation to all PingFederate servers.

  4. Start or restart PingFederate.

    include:::partial$pf_rc_notes.adoc[tags=pf_ph_replicateConfiguration] Start or restart the PingFederate service on each engine node to activate the change.