Configure the response timeout for the distributed session cache

We can configure the maximum amount of time that WebSEAL waits for a response from the distributed session cache. Use the timeout stanza entry in the [dsess-cluster] stanza of the WebSEAL configuration file to specify the amount of time (in seconds) WebSEAL can wait for a response from the distributed session cache.

Default is 30 seconds. For example:

[dsess-cluster]
timeout = 30

If the timeout limit is reached with no response from the distributed session cache, WebSEAL assumes the distributed session cache is unavailable. When this occurs, the following actions are taken:

• A separate WebSEAL server thread begins attempting to contact the distributed session cache every 60 seconds to see if the distributed session cache has recovered or a backup has come online.

• All attempts to create or access a session on the WebSEAL server receive an HTTP "503 Service Unavailable" error page from the WebSEAL server (38b9a4b1.html). We can customize this page by creating an error page for error status "0x38b9a4b1" as described in HTML server response page modification.

When the distributed session cache recovers, WebSEAL attempts to determine whether the outage was due to a temporary network outage or if the distributed session cache server was restarted. If the distributed session cache server was restarted, the local WebSEAL session cache is cleared. All sessions on the WebSEAL server are deleted. This is done so that sessions across all of the WebSEAL servers in the cluster remain synchronized.

Parent topic: Communication timeout configuration for the distributed session cache