Distributed Session Cache in Docker environment

The Distributed Session Cache (DSC) is an independent service that acts as a centralized session repository for a Web Reverse Proxy server environment. Servers in the environment can use the DSC to provide failover for user sessions.

When Security Verify Access is running in a Docker environment, you can use the DSC Configuration page of the LMI to configure the DSC. See Managing Distributed Session Cache in Docker.

To configure a Web Reverse Proxy instance to use the DSC, go to Web > Manage > Reverse Proxy and select to edit the instance. On the Session tab, select the Enable Distributed Session Cache option. If you enable the DSC within a Web Reverse Proxy instance but do not want the configuration to be automatically updated if the DSC configuration changes, set the value of the dsess-auto-update entry in the [session] stanza in the WebSEAL configuration file to no.

The SSL certificates that are used by the DSC are stored in the dsc_key_store key store. This key store is initially populated with a self-signed certificate that is used when connecting to the DSC servers. The self-signed certificate can be replaced with a CA-signed certificate using the SSL Certificates management page of the LMI.

To start the DSC container within a Docker environment, specify the Docker environment variable INSTANCE = '1|2|3|4' at container start time. The instance number corresponds to the role that the DSC container will play in the environment (1 corresponds to primary, 2 corresponds to secondary, 3 corresponds to tertiary, 4 corresponds to quaternary). You can configure up to four DSC servers in your environment for high availability of the DSC. See Failover for the distributed session cache.