User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE

151

152

153

154

155

156

157

158

159

160

Chapter 2: Environment Setup (SSO Administrators)

2-76

Adding an Authentication Server for Load Distribution

This section explains the process of adding an authentication server for load distribution.

To distribute the authentication server load using a load balancer such as the Interstage Traffic Director,

an authentication server must be configured to have the same environment as that of the already set

authentication server.

The Interstage Single Sign-on system provides the ssocloneac command to constitute the

authentication server in the same environment.

The ssocloneac command is also used to make copies of the messages to be displayed on a Web

browser. Customize these messages before making the copy of the authentication server. Refer to

'Customizing Messages Displayed on a Web Browser' for details of how to customize messages

displayed on a Web browser.

The following explains how to transfer the environment of the original authentication server already

installed to the additional authentication server using the ssocloneac command. Refer to 'Single Sign-

on Operation Commands' in the Reference Manual (Command Edition) for details of the ssocloneac

command.

Preparations for Load Distribution

Note the following to add a load balancer such as the Interstage Traffic Director to an active

authentication infrastructure.

• Do not change the URL of the authentication infrastructure by setting the host name of the already-

installed authentication server in the load balancer such as the Interstage Traffic Director. Refer to

'Authentication Infrastructure URL' for an explanation of the URL of the authentication infrastructure.

Refer to the manual of the Interstage Traffic Director for details of the Interstage Traffic Director.

Preparing Target Machine

Set up the machine you are copying to with the same platform as that of the machine you are copying

from. Ensure the same Interstage version, edition, and installation directory is installed. The Interstage

Single Sign-on, Interstage HTTP Server, and SSL configuration (for SSL communication) on the

destination machine must be in the initial state immediately after installation.

Getting Environment Information

1. On the source machine, execute the ssocloneac command with the -p option in order to fetch

environment information such as authentication server information, Interstage HTTP Server

information, and the SSL configuration for SSL communication (*1). When you are permitted to use

the same certificate for the load-balancing machine, and SSL Accelerator is not used, use the

scsexppfx command to transfer the site certificate and private-key. Refer to 'SSL Commands' in

the Reference Manual (Command Edition) for details of the scsexppfx command.

2. Transfer the fetched environment information to the destination machine. Ensure that there is

adequate security to prevent third parties from electronically intercepting information during the

transfer. Additionally, during transfer, do not change the permission of the fetched environment

information file.

*1 The SSL configuration for SSL communication is fetched only when the authentication server uses

SSL communication.