Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

10.3 Configuring and Verifying Session Failover

Use the following list of procedures as a checklist for completing this task.

  1. To Configure OpenSSO Enterprise for Session Failover

  2. To Verify That the Administrator Session Fails Over

  3. To Verify that the User Session Fails Over

Procedure: To Configure OpenSSO Enterprise for Session Failover

  1. Access https://osso-1.example.com:1081/opensso/console from a web browser.

  2. Log in to the OpenSSO Enterprise console as the administrator.

    Username: amadmin

    Password: ossoadmin

  3. Click the Configuration tab.

  4. Under Global properties, click Session.

  5. Under Secondary Configuration Instance, click New.

  6. In the Add Sub Configuration page, provide the following information.

    Name: Select External.

    Session Store User: Enter msgquser

    Session Store Password: Enter m5gqu5er

    Session Store Password (confirm): Enter m5gqu5er

    Maximum Wait Time: Keep the default value of 5000.

    Database URL: Enter mq-1.example.com:7777,mq-2.example.com:7777.

    This is the Message Queue broker address list. Separate multiple values with a comma and no space.

  7. Click Add.

  8. Click Save.

  9. Log out of the OpenSSO Enterprise console.

  10. Restart the Application Server 1 instance with the following sub procedure.

    1. As a root user, log in to the osso-1 host machine.

    2. Switch to the non-root user and change to the bin directory.


      # su osso80adm
      # cd /export/osso80adm/domains/ossodomain/bin
      
    3. Restart the Application Server 1 instance.


      # ./stopserv; ./startserv
      
      admin username:domain2adm
      
      admin password:domain2pwd
      
      master password:domain2master
      
      Redirecting output to /export/osso80adm/domains/ossodomain/logs/server.log
    4. Log out of the osso-1 host machine.

  11. Restart the Application Server 2 instance with the following sub procedure.

    1. As a root user, log in to the osso-2 host machine.

    2. Switch to the non-root user and change to the bin directory.


      # su osso80adm
      # cd /export/osso80adm/domains/ossodomain/bin
      
    3. Restart the Application Server 2 instance.


      # ./stopserv; ./startserv
      
      admin username:domain2adm
      
      admin password:domain2pwd
      
      master password:domain2master
      
      Redirecting output to /export/osso80adm/domains/ossodomain/logs/server.log
    4. Log out of the osso-2 host machine.
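
The Database URL value in step 6 must be a comma-separated host:port list with no spaces. The following pre-flight check is an added example, not part of the original guide or of OpenSSO; validate_broker_list is a hypothetical helper, and its rule that at least two distinct brokers must be listed is an assumption of this example.

```shell
#!/bin/sh
# Added example: pre-flight check for the "Database URL" value (the Message
# Queue broker address list). validate_broker_list is a hypothetical helper,
# not an OpenSSO or Message Queue command.

# Prints one "host port" pair per line and returns 0 if the list is usable;
# otherwise prints the reason on stderr and returns 1.
# The body runs in a subshell "( ... )" so IFS and variables stay local.
validate_broker_list() (
    list=$1; out=""; seen=","; count=0
    case $list in
        "") echo "empty broker list" >&2; return 1 ;;
        *" "*) echo "space in list: use a comma and no space" >&2; return 1 ;;
        *[!A-Za-z0-9.:,-]*) echo "unexpected character in list" >&2; return 1 ;;
        ,*|*,|*,,*) echo "empty entry in list" >&2; return 1 ;;
    esac
    IFS=,
    for entry in $list; do
        host=${entry%:*}; port=${entry##*:}
        if [ "$host" = "$entry" ] || [ -z "$host" ]; then
            echo "entry is not host:port: $entry" >&2; return 1
        fi
        case $host in *:*) echo "more than one colon: $entry" >&2; return 1 ;; esac
        case $port in ""|*[!0-9]*) echo "port is not numeric: $entry" >&2; return 1 ;; esac
        if [ "${#port}" -gt 5 ] || [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $entry" >&2; return 1
        fi
        case $seen in *",$entry,"*) echo "duplicate broker: $entry" >&2; return 1 ;; esac
        seen="$seen$entry,"; count=$((count + 1))
        out="$out$host $port
"
    done
    # Assumption of this example: a single broker is flagged, because the
    # session store would then be the single point of failure.
    if [ "$count" -lt 2 ]; then
        echo "only one broker listed: no redundancy" >&2; return 1
    fi
    printf '%s' "$out"
)

# The value used in this deployment example passes the check.
validate_broker_list 'mq-1.example.com:7777,mq-2.example.com:7777'
```
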

Procedure: To Verify That the Administrator Session Fails Over

Before You Begin

Both OpenSSO Enterprise 1 and OpenSSO Enterprise 2 should be up and running before you begin this verification procedure.

  1. As a root user, log in to the osso-2 host machine.

  2. Change to the bin directory.


    # cd /export/osso80adm/domains/ossodomain/bin
    
  3. Stop OpenSSO Enterprise 2.


    # ./stopserv
    
  4. Access https://lb-2.example.com:1081/opensso/console from a web browser.

    1. Log in to the OpenSSO Enterprise console as the administrator.

      Username: amadmin

      Password: ossoadmin

    2. Click the Sessions tab.

    3. In the View field, select osso-1.example.com:1081 from the drop down list.

      Verify that only amadmin exists in the Sessions table.

    4. In the View field, select osso-2.example.com:1081 from the drop down list.

      You will see an error message indicating the server is down.

    5. Leave this browser window 1 open.

  5. Start OpenSSO Enterprise 2.


    # ./startserv
    
    admin username:domain2adm
    
    admin password:domain2pwd
    
    master password:domain2master
    
    Redirecting output to /export/osso80adm/domains/ossodomain/logs/server.log
  6. As a root user, log in to the osso-1 host machine.

  7. Change to the bin directory.


    # cd /export/osso80adm/domains/ossodomain/bin
    
  8. Stop OpenSSO Enterprise 1.


    # ./stopserv
    
  9. Going back to the OpenSSO Enterprise console in browser window 1, under the Sessions tab, select osso-1.example.com:1081 from the View drop down list.

    You will see an error message indicating the server is down.

  10. Now select osso-2.example.com:1081 from the View drop down list.

    Verify that only amadmin exists in the Sessions table. This indicates that although OpenSSO Enterprise 1 was stopped, the OpenSSO Enterprise Load Balancer 2 directed the request to OpenSSO Enterprise 2 and a session for amadmin was successfully created by OpenSSO Enterprise 2. If session failover were not enabled, a login page would have been displayed instead.

Procedure: To Verify That the User Session Fails Over

Before You Begin

This procedure assumes that you have just completed To Verify That the Administrator Session Fails Over.

  1. Access https://lb-2.example.com:1081/opensso/UI/Login from a second browser window.

  2. Log in to the OpenSSO Enterprise console as testuser1.

    Username: testuser1

    Password: password

    A page with a message that reads "You're logged in" is displayed. Since the User Profile attribute was set to Ignored, the user's profile is not displayed following a successful login. Because OpenSSO Enterprise 1 was stopped, the user session is created in OpenSSO Enterprise 2.

  3. Leave browser window 2 open.

  4. Using browser window 1, click the Sessions tab.

  5. In the View field, select osso-2.example.com:1081 from the drop down list.

    Verify that amadmin and testuser1 exist in the Sessions table.

  6. On the osso-1 host machine, change to the bin directory.


    # cd /export/osso80adm/domains/ossodomain/bin
    
  7. Start OpenSSO Enterprise 1.


    # ./startserv
    

    Both OpenSSO Enterprise 1 and OpenSSO Enterprise 2 are up and running.

  8. On the osso-2 host machine, change to the bin directory.


    # cd /export/osso80adm/domains/ossodomain/bin
    
  9. Stop OpenSSO Enterprise 2.


    # ./stopserv
    
  10. Using browser window 1, click the Sessions tab and do the following sub procedure.

    1. In the View field, select osso-1.example.com:1081.

      Verify that amadmin and testuser1 exist in the Sessions table. This indicates that the session successfully failed over to OpenSSO Enterprise 1.


      Tip –

      If testuser1 is not displayed, refresh the browser window 2 page.


    2. In the View field, select osso-2.example.com:1081.

      You will see an error message indicating the server is down.

  11. Log out of the consoles and the host machines.