You can replicate authorization service components
to increase availability in a heavy-demand environment.
You can configure the master authorization policy database, containing
policy rules and credential information, to automatically replicate.
Resource managers that call the authorization service have two options
for referencing this database information:
The application, when configured to work seamlessly with the authorization
evaluator, uses a local cache of the database.
The database is
replicated for each resource manager that uses the authorization service
in local cache mode.
The application uses a shared replica cached by the remote authorization
server component.
The database is replicated for each instance
of the authorization server. Many applications can access a single
authorization server.
The
update notification from the policy server occurs whenever a change
is made to the master authorization policy database. The update notification
triggers the caching process to update all replicas, as shown in Figure 1: Figure 1. Replicated authorization service components
