This section enables you to specify a group of Access Manager servers to
connect to in order to authenticate clients. You can select a group of Access
Manager servers to provide failover in cases where one or more servers are not
available.
Connection Group Type
The Enterprise Gateway can connect to a group of Access Manager Authorization
Servers or Dispatcher Servers. When multiple Access
Manager Authorization Servers are deployed for load-balancing purposes, the
Enterprise Gateway should first connect to a Dispatcher Server, which returns a list
of active Authorization Servers. An attempt is then made to connect to one of
these Authorization Servers using round-robin DNS. If the first Dispatcher
Server in the Connection Group is not available, the Enterprise Gateway attempts to
connect to the Dispatcher Server with the next highest priority in the group,
and so on.
If a Dispatcher Server has not been deployed, the Enterprise Gateway can connect
directly to an Authorization Server. If the Authorization Server with the
highest priority in the Connection Group is not available, the Enterprise Gateway
attempts to connect to the Authorization Server with the next highest
priority, and so on.
Select the type of the Connection Group using the Authorization
Server or Dispatcher Server radio button. All
servers in the group must be of the same type.
Connection Group:
Select the Connection Group to use for authenticating clients.
You can add Connection Groups on the External Connections tab
in Policy Studio. Expand the Connection Sets node, right-click
RSA ClearTrust Connection Sets, and select Add a
Connection Set. For more details on adding and editing Connection Groups,
see the Configuring Connection Groups
topic
|