The following diagram shows the basic process flow for session management in an environment where WebSEAL is configured to use the distributed session cache. The example contains the following conditions:

WebSEAL 1 and WebSEAL 2 are configured with replica virtual hosts (vhostA).

1. A user makes a request for a protected object located in the Web space of vhostA. WebSEAL A intercepts the request and creates a local cache entry for the user. WebSEAL A prompts the user to log in.

2. The user provides authentication data to WebSEAL. WebSEAL updates the local session cache entry with the client's credential. Maintaining a local session cache improves the performance of that specific WebSEAL server during future requests for resources.

3. WebSEAL A notifies the distributed session cache of the new session and the associated credential information. The distributed session cache maintains this information in its own database.

4. WebSEAL A sends a session cookie to the user's browser.

5. An additional request for a resource on vhostA by the same user, using the same session cookie, fails over to another server in the replica set (WebSEAL B).

6. Using the session cookie, WebSEAL B consults the distributed session cache to determine whether the user has already authenticated. The distributed session cache replies with the user's cached credential.

7. WebSEAL B uses the credential to trust the user and allows the request for the resource to proceed. The user is not prompted to log in again.
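
The flow above, modeled as an added example; this is not WebSEAL code or its API. The class and function names, the sample account, and the choice to have the second server keep a local copy of a credential it fetched are all assumptions of the model. It also shows the case a defender cares about: a cookie the distributed session cache does not know is never trusted.

```python
import hmac
import secrets

USERS = {"alice": "constructed-password"}  # constructed sample account

def authenticate(login_data):
    """Return a credential for valid (user, password) login data, else None."""
    user, password = login_data
    expected = USERS.get(user)
    if expected is None or not hmac.compare_digest(expected, password):
        return None
    return {"user": user}

class DistributedSessionCache:
    """Hypothetical stand-in: maps a session id to the cached credential."""
    def __init__(self):
        self._db = {}
    def register(self, session_id, credential):
        self._db[session_id] = credential
    def lookup(self, session_id):
        return self._db.get(session_id)

class Replica:
    """Hypothetical stand-in for one server in the vhostA replica set."""
    def __init__(self, name, dsc):
        self.name, self.dsc = name, dsc
        self.local = {}  # local session cache: session id -> credential

    def handle(self, cookie=None, login_data=None):
        """Process one request; return (status, session_cookie, user)."""
        cred = self.local.get(cookie) if cookie else None
        if cred is None and cookie:
            # Local miss (for example after failover): ask the shared cache.
            cred = self.dsc.lookup(cookie)
            if cred is not None:
                self.local[cookie] = cred  # model assumption: keep a local copy
        if cred is not None:
            return ("allowed", cookie, cred["user"])
        # Unknown or absent cookie: the user must authenticate.
        if login_data is None:
            return ("login_required", None, None)
        cred = authenticate(login_data)
        if cred is None:
            return ("login_failed", None, None)
        session_id = secrets.token_urlsafe(32)  # unguessable session cookie value
        self.local[session_id] = cred           # local entry now holds the credential
        self.dsc.register(session_id, cred)     # notify the distributed session cache
        return ("allowed", session_id, cred["user"])
```

The model collapses the pre-login local cache entry and the login prompt into the "login_required" result, so the local entry is created only once a credential exists.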