Question regarding Load balancer configuration in Advanced Authentication

book

Article ID: 242272

calendar_today

Updated On:

Products

CA Strong Authentication CA Advanced Authentication CA Risk Authentication

Issue/Introduction

I understand that we need stickiness from Client to proxy and proxy to AFM for the load balancing in Arcot set up. 

Do we also need stickiness when AFM makes connection to Risk and Strong Auth service on port 8080 or 7680 and statemanager calls ? I understand that this are stateless calls and does not require stickiness ? is this understanding correct and can we have least connection Load balancing rule without any stickiness to distribute load evenly? 

Environment

Release : 9.1

Component :Strong Authentication

Risk Authentication

Resolution

Following applications in Advanced Auth product suite requires sticky session as they are session based application and need to preserved the state of the transaction.

  • ArcotAFM

           ArcotAFM application gets deployed in an application server, if there is any Web server or Reverse Proxy before that and that is load balanced then it is important that the request from WebServer 1 is send to ArcotAFM 1 only so sticky session should be enabled else session                 information will be lost and user will be see a session timeout error message.

  • ArcotAdmin

          ArcotAdmin application gets deployed in an application server, if there is any Web server or Reverse Proxy before the application server and that is load balanced then it is important that the request from WebServer 1 is send to ArcotAdmin 1 only so sticky session should be                  enabled else session information will be lost and user will be see a session timeout error message.

Every other components of Advanced Authentication product ( Strong Auth server, Risk Auth server, State Manager, UDS ) are stateless and request can go to any server for fetching information. Load balancer configuration for these components can be set as per the best practice recommendations from the service provider.