This topic is an overview of the two options for tracking session information between HTTP requests in PingFederate.
The PingFederate server tracks user-session state information between HTTP requests, such as when PingFederate, acting as an identity provider (IdP), redirects a user's browser to another system for authentication. When the user's browser returns to PingFederate after authentication, the server needs access to the state associated with that user from before the redirect. Generally, this state is short-lived.
The InterRequestStateMgmtProxy
implementation chooses between two methods
to track this state: group RPC-based (the clustering default) and local memory-based (the
standalone default).
The configuration file is <pf_install>/pingfederate/server/default/conf/cluster-inter-request-state.conf.
Group RPC-based session tracking
The group RPC-based implementation supports both adaptive clustering and directed clustering.
For adaptive clustering, PingFederate shares user session-state information with a replica set. If region identifiers are defined, PingFederate shares user session-state information among multiple replica sets across regions. You can override this default behavior in the <pf_install>/pingfederate/server/default/conf/cluster-adaptive.conf file.
For directed clustering, all preferred-node approaches are possible with this implementation.
The service-point InterRequestStateMgmt in the
<pf_install>/pingfederate/server/default/conf/META-INF/hivemodule.xml
file uses the proxy InterRequestStateMgmtProxy
to assign this
implementation as the clustering default. The specific class name is
org.sourceid.saml20.service.impl.grouprpc.InterRequestStateMgmtGroupRpcImpl
Local memory-based session tracking
The local memory-based session tracking implementation tracks users in the inter-request state in the local memory of the processing server. This is the standalone default.
Adaptive clustering does not support this implementation. Use the group RPC-based session tracking instead.
The service-point InterRequestStateMgmt in the
hivemodule.xml file uses the proxy
InterRequestStateMgmtProxy
to assign this implementation as the
clustering default. The specific class name is
org.sourceid.saml20.service.impl.localmemory.InterReqStateMgmtMapImpl
- Local memory-based session tracking and clustering
- Group RPC-based session tracking is the clustering default. To use local
memory-based session tracking in a clustered environment, update the service-point
InterRequestStateMgmt
to use the local memory-based session tracking class,org.sourceid.saml20.service.impl.localmemory.InterReqStateMgmtMapImpl
Note:The load balancer must support sticky sessions to force all requests for the same user session to be routed to the same server.