What's different when implementing Flex authentication/authorization in a clustered environment?
Question
Are there any differences implementing Flex application security in a clustered Java environment (such as Oracle Application Server/OC4J or a JBoss cluster) vs a single application server environment? (And/or does it depend on the specific environment software?)
What considerations are there in a situation where you need to authenticate with LDAP (AD) and store user access information in a database (ex. USER table containing username + permissions/roles info)?
Are sessions shared across nodes with no issues? Any differences between Blaze DS and Granite DS?
1 answers
solution1
1 ACCPTED 2010-09-28 13:33:36
Yes, Blaze DS is a pain when it comes to clustering full stop. LCDS isn't much better, but it at least has more support for clustering (with the downside of being ridiculously expensive).
The problem is the JSESSIONID which the instance uses to identify the Flex client that's making the call. The associated Flex Session object isn't shared in the cluster by default, and IIRC, BlazeDS doesn't have any option for sharing, while LCDS has limited options... Sticky Sessions or port broadcasting.
I can't speak for any of the Open Source options, but clustering support is usually the purview of paid-for solutions...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.