Implementation GuideArchitectural ConsiderationsImplementation ConsiderationsIdentify Resources to be Secured with Multiple Cookie Domains › Load-balancing for SSO between Cookie Provider Domains and Other Cookie Domains

Previous Topic: Identify Resources to be Secured with Multiple Cookie Domains

Next Topic: Determine if Partnerships Require Federation Security Services
Load-balancing for SSO between Cookie Provider Domains and Other Cookie Domains

Will the Web Agents in your single sign-on environment need to be load-balanced?

Because all Web Agents in an SSO environment must refer to a single cookie provider domain, add a load-balancer between the web servers in your cookie provider domain and the other cookie domains in your SSO environment as shown in the following illustration:

Multiple Domains in an SSO Environment Using a Load Balancer In Front of the Domain Hosting the Cookie Provider

The Web Agent in the example.org cookie domain points and the Web Agent in the example.com cookie domain both point to the same cookie provider domain of example.net. A load-balancer distributes the traffic evenly between all the web servers in the example.net cookie provider domain.

Copyright © 2010 CA. All rights reserved. Email CA about this topic