Policy Server :: Oracle Policy Store : Failover

book

Article ID: 50050

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction

 

Configuring the Policy Server Oracle ODBC system_odbc.ini file like
this :

  [SiteMinder Session Data Src 1]
  Driver=/opt/CA/siteminder/odbc/lib/NSora28.so
  Description=DataDirect 8.0 Oracle Driver
  LoginID=spsession
  HostName=vm-ppdb-13
  PortNumber=1521
  SID=a3sm
  CatalogOptions=0
  ProcedureRetResults=0
  EnableDescribeParam=0
  EnableStaticCursorsForLongData=0
  ApplicationUsingThreads=1
  DMCleanup=2

  [SiteMinder Session Data Src 2]
  Driver=/opt/CA/siteminder/odbc/lib/NSora28.so
  Description=DataDirect 8.0 Oracle Driver
  LoginID=spsession
  HostName=vm-ppdb-6
  PortNumber=1521
  SID=a3sm
  CatalogOptions=0
  ProcedureRetResults=0
  EnableDescribeParam=0
  EnableStaticCursorsForLongData=0
  ApplicationUsingThreads=1
  DMCleanup=2

Then the Policy Server reports this error message permanently:

   Policy Server was not able to initiate connection using secondary
   ODBC source [ERROR] Data source 'SiteMinder Session Data Src 2'

 

Resolution

 

Following documentation, if you use Oracle RAC, you need to set the
following features :

  ServiceName
  AlternateServers (1)
  Loadbalancing=1 (2)

and comment

  SID=nete_serverid

in order to get Failover mechanism. The Policy Server reports the
error because it tries to use both connections at the same time.

So, here is a sample of the system_odbc.ini file involving those
parameters base on the Policy Server out of the box configuration
guide line (3).

  [SiteMinder Oracle Data Source]
  Driver=/opt/CA/siteminder/odbc/lib/NSora28.so
  Description=DataDirect 8.0 Oracle Wire Protocol
  HostName=data1.training.com
  PortNumber=1521
  ServiceName=test1
  AlternateServers=(Hostname=data2.training.com:PortNumber=1521:ServiceName=test1,Hostname=data3.training.com:PortNumber=1521:ServiceName=test1)
  LoadBalancing=1
  CatalogOptions=0
  ProcedureRetResults=0
  EnableDescribeParam=0
  EnableStaticCursorsForLongData=0
  ApplicationUsingThreads=1
  ConnectionRetryDelay=5
  ConnectionRetryCount=5

Note that the only difference between loadbalancing value 1 and 0 is
that when it is set to 0, the driver will pick up the next server in a
sequential order instead of randomly (value 1).

This will fix the issue. Be sure you edit the file with Unix line
feeds if you edit it on Windows machine.

 

Additional Information

 

(1)

    Alternate Servers

      Alternate Servers

      Attribute

      AlternateServers (ASRV)

      Purpose

      A list of alternate database servers to which the driver tries to
      connect if the primary database server is unavailable. Specifying a
      value for this option enables connection failover for the
      driver. The value you specify must be in the form of a string that
      defines the physical location of each alternate server. All of the
      other required connection information for each alternate server is
      the same as what is defined for the primary server connection.

      Valid Values

      (HostName=hostvalue:PortNumber=portvalue:Database=databasevalue[,
      . . .])

      You must specify the host name, port number, and database name of
      each alternate server.

      Notes

      *An alternate server address in IPv6 format must be enclosed in
      double quotation marks.  

      Example

      The following Alternate Servers value defines two alternate database
      servers for connection failover:

      AlternateServers=(HostName=SqlsServer:PortNumber=1433:Database=Sqlsdb1, 
      HostName=255.201.11.24:PortNumber=1434:Database=Sqlsdb2)

      Default
      None

    http://media.datadirect.com/download/docs/odbc/allodbc/index.html#page/odbc/Alternate_Servers_7.html

(2)

    Progress DataDirect Connect for ODBC Version 7.1.6 

      Attribute:   LoadBalancing (LB) 

      Purpose:

      Determines whether the driver uses client load balancing in its
      attempts to connect to the database servers (primary and
      alternate). You can specify one or multiple alternate servers by
      setting the Alternate Servers option.

      Valid Values:   0 | 1 

      Behavior:

      If set to 1 (Enabled), the driver uses client load balancing and
      attempts to connect to the database servers (primary and alternate
      servers) in random order.

      If set to 0 (Disabled), the driver does not use client load
      balancing and connects to each server based on their sequential
      order (primary server first, then, alternate servers in the order
      they are specified).

      Default:  0 (Disabled) 

    http://media.datadirect.com/download/docs/odbc/allodbc/index.html#page/odbc%2FLoad_Balancing_10.html%23

 
(3)

    Configure an Oracle Policy Store 

      AlternateServers= 

      If the primary server is not accepting connections, specifies the
      connection failover to the other Oracle nodes. Example:
      (HostName=nete_servername2:PortNumber=1521:ServiceName=nete_servicename[,...])

      LoadBalancing=1 

      Turns on client load balancing, which helps to distribute new
      connections to keep RAC nodes from being overwhelmed with connection
      requests. When enabled, the order in which primary and alternate
      database servers are accessed is random.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-52-01/installing/install-a-policy-server/configure-odbc-databases-as-policy-session-key-and-audit-stores/configure-odbc-databases-as-policy-store/configure-an-oracle-policy-store.html