SP Session Registry Service
PingFederate uses the SP Session Registry Service to facilitate SLO by tracking assertions issued from identity provider (IdP) partners. PingFederate uses this service only when the server is acting in a service provider (SP) role and supports SLO with one or more partner connections.
When PingFederate is in clustered mode, the service proxy uses a group RPC-based, preferred-nodes implementation. The configuration file is <pf_install>/pingfederate/server/default/conf/cluster-sp-session-registry.conf
.
This service supports both adaptive clustering and directed clustering.
For adaptive clustering, PingFederate shares user session-state information with a replica set. If region identifiers are defined, PingFederate shares user session-state information among multiple replica sets across regions. You can override this default behavior in the configuration file.
For directed clustering, all preferred-node approaches are possible with this implementation.
Both adaptive clustering and the subcluster deployment strategies in directed clustering do not support the SAML 2.0 SLO profile using the SOAP binding. If one or more SAML 2.0 connections are configured to support SLO via SOAP, you must choose between the sharing all nodes and designating state servers deployment strategies in directed clustering (see Directed clustering). |
The service proxy uses the class org.sourceid.saml20.service.impl.grouprpc.SpSessionRegistryGroupRpcImpl
.