When enabling PingFederate authentication sessions, you can optionally select the persistent option so that PingFederate can leverage previous sessions as users request protected resources after restarting their browsers. This optional configuration requires session-state data to be stored externally, as opposed to in-memory alone. By default, PingFederate uses its internal HSQLDB database to maintain persistent authentications. You can also configure PingFederate to maintain persistent authentication sessions externally on a database server or a PingDirectory server.
When persistent authentication sessions are expected, consider maintaining session-data securely on an external storage medium for production standalone deployments.
For server clustering, an external storage is required because the internal HSQLDB database cannot be shared across other PingFederate engine nodes.
Changing the default storage involves two tasks.
- Create the required data structure on the external storage medium.
- Modify two PingFederate configuration XML files.