Replica set and session sharing concepts
A replica set is a collection of Web security servers configured to share sessions. Session sharing allows single signon among all servers in the replica set while enforcing concurrent session limitations and session terminations.
A user can log on to any server in the replica set without authenticating again.
For example, as a user, you log in to the main website for your company: www.example.com. The www.example.com site is handled by a WebSEAL cluster where all WebSEAL servers belong to the "www.example.com" replica set.
WebSEAL is configured to provide you (as an authenticated user) with a domain session cookie for .example.com.
Later in the session, you access sales.example.com, which is the main website for the company's sales department. The sales.example.com site is handled by a WebSEAL cluster where all WebSEAL servers belong to the "sales.example.com" replica set.
The distributed session cache configuration manages all of the replica sets. In this example, www.example.com and sales.example.com are both configured as replica sets.
The sales.example.com WebSEAL cluster uses your domain session cookie to acquire your session information from www.example.com. With this session information, you are not asked to authenticate again and single signon is achieved.
For session sharing to function correctly, all of the following conditions must be met:
- The values for session lifetime and inactivity timeouts on all servers in the replica sets must be identical.
- Authentication configuration and policy on all servers in the replica sets must be compatible.
As an example of an incompatible configuration, consider the following:
- www.example.com is configured for forms authentication.
- test.example.com is configured for EAI authentication.
- The resource www.example.com/action.jsp is protected by a POP requiring reauthentication.
If a user logs on to test.example.com and then accesses www.example.com, the user is able to access most resources on www.example.com. However, the user is not able to access www.example.com/action.jsp because the user cannot perform an EAI reauthentication on www.example.com.
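The two conditions above (identical session timeouts, compatible authentication configuration) can be checked mechanically before servers are placed in one replica set. The following is an added example, not part of this topic or of WebSEAL itself: it compares webseald.conf fragments from several instances and reports the mismatches that break session sharing. The stanza and key names ([session] timeout and inactive-timeout, [forms] forms-auth, [eai] eai-auth) and the sample values are assumed; the third instance reproduces the forms-versus-EAI mismatch described above. "Compatible" is interpreted conservatively as "same set of enabled authentication methods".

```python
import configparser

# Constructed sample webseald.conf fragments for three WebSEAL instances.
# Stanza and key names are assumed; verify them against your own webseald.conf.
CONFIGS = {
    "www-1": "[session]\ntimeout = 3600\ninactive-timeout = 600\n"
             "[forms]\nforms-auth = https\n[eai]\neai-auth = none\n",
    "www-2": "[session]\ntimeout = 3600\ninactive-timeout = 600\n"
             "[forms]\nforms-auth = https\n[eai]\neai-auth = none\n",
    # Different inactivity timeout and EAI instead of forms authentication.
    "test-1": "[session]\ntimeout = 3600\ninactive-timeout = 900\n"
              "[forms]\nforms-auth = none\n[eai]\neai-auth = https\n",
}

# (stanza, key) pairs whose value other than "none" enables an authentication method.
AUTH_KEYS = (("forms", "forms-auth"), ("eai", "eai-auth"))


def profile(text):
    """Extract (session timeouts, enabled auth methods) from one config fragment."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    timeouts = (
        cp.get("session", "timeout", fallback=None),
        cp.get("session", "inactive-timeout", fallback=None),
    )
    auth = frozenset(
        stanza for stanza, key in AUTH_KEYS
        if cp.get(stanza, key, fallback="none").lower() != "none"
    )
    return timeouts, auth


def check_replica_set(configs):
    """Return findings (strings); an empty list means the members can share sessions."""
    profiles = {name: profile(text) for name, text in configs.items()}
    ref_name, (ref_timeouts, ref_auth) = next(iter(profiles.items()))
    findings = []
    for name, (timeouts, auth) in profiles.items():
        if timeouts != ref_timeouts:
            findings.append(f"{name}: session timeouts {timeouts} differ from "
                            f"{ref_name} {ref_timeouts}")
        if auth != ref_auth:
            findings.append(f"{name}: authentication methods {sorted(auth)} differ "
                            f"from {ref_name} {sorted(ref_auth)}")
    return findings


if __name__ == "__main__":
    for finding in check_replica_set(CONFIGS):
        print(finding)
```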