Configure Redirections to an SSL Load Balancer (optional)

You can configure your Federation Manager system to use forms as the local authentication method. You can configure this method in the single sign-on settings in the Federation Manager UI. The forms method redirects the browser as part of the authentication process.

If the load balancer uses SSL and Federation Manager is not configured for SSL, configure Federation Manager to redirect traffic over an SSL connection. To redirect traffic, modify the following two files on each Federation Manager system:

Note: Modify these files on all Federation Manager systems that do not use SSL.

To process redirections over SSL correctly

  1. Navigate to federation_mgr_home/secure-proxy/proxy-engine/conf/defaultagent.
  2. Open the WebAgent.conf file in an editor. Uncomment the line that begins with localconfigfile, then save the file.
  3. Open the LocalConfig.conf file in an editor.
  4. Add the following settings to the LocalConfig.conf file, then save the file:
    HttpsPorts="443"

    Specify the port on which the load balancer is listening.

    GetPortFromHeaders="YES"

  5. Navigate to federation_mgr_home/secure-proxy/httpd/conf.
  6. Open the httpd.conf file in an editor.
  7. Locate the ServerName setting and specify the load balancer hostname:port. Do not enter the Federation Manager server host name. Example:
    ServerName lb5.ca.com:443
    
  8. After the ServerName setting, add the UseCanonicalName setting and set it to On. Example:
    UseCanonicalName on
    

Federation Manager can now redirect traffic over an SSL connection.
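
The following script is an added example, not part of the product or its documentation. It checks that the settings from the procedure above are active (present and uncommented) in all three files on a system. The function names, the assumption that `#` starts a comment in each file, and the sample file contents written by `write_sample_tree` (including the `localconfigfile` value) are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumptions: '#' starts a comment in all three files, and
# setting names match case-insensitively.

# has_setting FILE REGEX: true if an uncommented line of FILE matches REGEX.
has_setting() { grep -Eiq "^[[:space:]]*${2}[[:space:]]*\$" "$1" 2>/dev/null; }

# check_fm_ssl_redirect FM_HOME LB_HOST LB_PORT
# Prints one line per missing setting; exit status is the number missing.
check_fm_ssl_redirect() {
    agent="$1/secure-proxy/proxy-engine/conf/defaultagent"
    httpd="$1/secure-proxy/httpd/conf/httpd.conf"
    host_re=$(printf '%s' "$2" | sed 's/\./\\./g')   # escape dots in hostname
    port=$3 missing=0
    miss() { echo "MISSING: $1"; missing=$((missing + 1)); }

    has_setting "$agent/WebAgent.conf" 'localconfigfile[[:space:]]*=.*' ||
        miss "WebAgent.conf: localconfigfile line is commented out or absent"
    has_setting "$agent/LocalConfig.conf" "HttpsPorts[[:space:]]*=[[:space:]]*\"?$port\"?" ||
        miss "LocalConfig.conf: HttpsPorts=\"$port\""
    has_setting "$agent/LocalConfig.conf" 'GetPortFromHeaders[[:space:]]*=[[:space:]]*"?YES"?' ||
        miss 'LocalConfig.conf: GetPortFromHeaders="YES"'
    has_setting "$httpd" "ServerName[[:space:]]+$host_re:$port" ||
        miss "httpd.conf: ServerName $2:$port"
    has_setting "$httpd" 'UseCanonicalName[[:space:]]+on' ||
        miss "httpd.conf: UseCanonicalName on"
    return "$missing"
}

# write_sample_tree DIR: constructed files in the state the procedure leaves them.
write_sample_tree() {
    a="$1/secure-proxy/proxy-engine/conf/defaultagent"
    h="$1/secure-proxy/httpd/conf"
    mkdir -p "$a" "$h"
    echo 'localconfigfile="LocalConfig.conf"' > "$a/WebAgent.conf"
    printf '%s\n' 'HttpsPorts="443"' 'GetPortFromHeaders="YES"' > "$a/LocalConfig.conf"
    printf '%s\n' 'ServerName lb5.ca.com:443' 'UseCanonicalName on' > "$h/httpd.conf"
}

# Run against a real install when given three arguments: FM_HOME LB_HOST LB_PORT
if [ "$#" -eq 3 ]; then check_fm_ssl_redirect "$@"; fi
```

Run it on every Federation Manager system that does not use SSL. A nonzero exit status means at least one system would still build redirect URLs from its own host name or a non-SSL port.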