The distributed session cache
The distributed session cache is an independent service that acts as a centralized session repository for a clustered WebSEAL server environment. Servers in the cluster can use the distributed session cache to provide failover for user sessions.
The primary master of the cluster acts as the distributed session cache server. You can use a stand-alone cluster with only a single node for the distributed session cache. However, you can specify up to three supplementary masters to ensure high availability of the distributed session cache. These supplementary masters maintain replica copies of the distributed session cache for failover purposes.
For more information about how to configure a cluster of IBM Verify Identity Access appliances, see the "Cluster Support" topics in the Administering Web Reverse Proxy topics in the Knowledge Center.
- Appliance-based WebSEAL instances that are members of the same cluster as the distributed session cache server.
- Appliance-based WebSEAL instances that are on appliances that are not in the same cluster as the distributed session cache server. However, it is best to include the appliance in the same cluster as the distributed session cache server where possible.
- Software-based WebSEAL, version 7.0, instances.
The distributed session cache provides the following benefits:
- Manages sessions across clustered Web security servers.
- Resolves session inactivity and session lifetime timeout consistency issues in a replicated Web security server environment.
- Provides secure failover and single sign-on among replicated Web security servers.
- Provides controls over the maximum number of allowed concurrent sessions per user.
- Provides single sign-on capabilities and single sign-off among other websites in the same DNS domain.
- Provides performance and high availability protection to the server environment in the event of hardware or software failure.
- Allows administrators to view and modify sessions on the WebSEAL server.