Troubleshooting session sharing in HA mode

In BMC Atrium Single Sign-On High Availability (HA) mode, session sharing can fail in some specific network environments when the default protocol (multicast) is used by ApacheMQ. ApacheMQ is a third party component which is used by Atrium Single Sign-On to inform all nodes in the cluster about sessions’ creation and termination events. If  session sharing fails, change the configuration settings to an alternative protocol.

To configure point-to-point sessions sharing

Perform the following on each node in the HA cluster.

  1. Navigate to the <AtriumSSOinstallationDirectory>/tomcat/webapps/atriumsso/WEB-INF/classes/ directory.
  2. Edit the activemq.xml file.
  3. Replace the following tag:
    <transportConnector uri="ssl://localhost:0?transport.needClientAuth=true&amp;daemon=true" discoveryUri="multicast://default?daemon=true&amp;group=atsso" />

    with:
    <transportConnector uri="ssl://<currentnode-hostname>:<port>?transport.needClientAuth=true&amp;daemon=true " />

    where:
    currentnode-hostname — The host name of the current node.
    port — The port which will be used for the sessions sharing on this node. The default port used for session replication is 61616.
  4. The <networkConnectors> tag should have the following child elements. You must add one element for each node in the cluster, except the current node:
    <networkConnector name="atsso-1-to-2" uri="static:(ssl://<hostname2>:<port>?daemon=true)"/>
    <networkConnector name="atsso-1-to-3" uri="static:(ssl://<hostname3>:<port>?daemon=true)"/> 

    where:
    name — this parameter must be unique attribute on all the HA nodes.
    hostname2, hostname3 — the host names of other nodes in the HA cluster, assuming that the current node is node1 on the hostname1;
    port — The port which is used by another node for session sharing. The default port used for session replication is 61616

    Note

    The <hostname>:<port> pair is specified on other nodes in the respective <transportConnector /> tags.
  5. Save the file.
  6. Stop and restart each node.

    Note

    • Stop all the nodes in the cluster after configuring point-to-point session sharing. For more information about stopping and restarting server node, see Stopping and restarting the BMC Atrium Single Sign-On server.
    • Do not start all the nodes at the same time. Start each node beginning from the first node only after the previous node is fully started.
    • Comment the default connectors in the active.xml files after configuring session replication.

Was this page helpful? Yes No Submitting... Thank you

Comments