[failover] stanza

Use the [failover] stanza to configure the use of failover cookies in WebSEAL.

• clean-ecsso-urls-for-failover
  Use the clean-ecsso-urls-for-failover stanza entry to control whether the URL that WebSEAL sends during failover authentication includes query arguments that contain the PD-VFHOST and PD-VF tokens.
• enable-failover-cookie-for-domain
  Use the enable-failover-cookie-for-domain stanza entry to enable the failover cookie for the domain. When enabled, the failover authentication cookie can be used by any WebSEAL server that is in the same domain as the WebSEAL server that creates the cookie.
• failover-auth
  Use the failover-auth stanza entry to enable failover cookies. The configured value specifies the protocol over which WebSEAL accepts cookies for authentication during a failover authentication event.
• failover-cookie-lifetime
  Use the failover-cookie-lifetime stanza entry to specify the lifetime, in minutes, of the failover cookie contents.
• failover-cookie-name
  Use the failover-cookie-name stanza entry to specify the name of the cookie that stores the failover token. If the WebSEAL server that is hosting the user session fails, this cookie is presented to a replicated WebSEAL server to automatically reauthenticate the user.
• failover-cookies-keyfile
  Use the failover-cookies-keyfile stanza entry to specify the key file that WebSEAL can use to encrypt and decrypt the data in failover cookies.
• failover-include-session-id
  Use the failover-include-session-id stanza entry to enable WebSEAL to reuse the original session ID of a client by storing it as an attribute in the failover cookie. Reusing session IDs can improve failover authentication response and performance in a non-sticky load-balancing environment.
• failover-require-activity-timestamp-validation
  Use the failover-require-activity-timestamp-validation stanza entry to control whether WebSEAL requires each failover authentication cookie to contain a session activity timestamp. This stanza entry is used primarily for compatibility with prior versions of WebSEAL.
• failover-require-lifetime-timestamp-validation
  Use the failover-require-lifetime-timestamp-validation stanza entry to control whether WebSEAL requires each failover authentication cookie to contain a session lifetime timestamp. This stanza entry is used primarily for compatibility with prior versions of WebSEAL.
• failover-update-cookie
  Use the failover-update-cookie stanza entry to specify the frequency at which WebSEAL updates the session activity timestamp in failover cookies.
• reissue-missing-failover-cookie
  
• use-utf8
  

Parent topic: Stanza reference