Hey all,
I'm working on testing out the cross-datacenter replication configuration
in our development environment and I'm running into some issues.
I stood up some JDG 7.1 instances and some RH-SSO 7.2 instances all running
on my localhost all with different port offsets, followed the
instructions[1], and everything seemed to work well enough.
Once I got beyond that and tried running RH-SSO and JDG on separate servers
I started running into issues[2] during RH-SSO startup. Looks like RH-SSO
is unable to connect to the remote ___script_cache but that cache isn't
mentioned anywhere in the RH-SSO documentation. The error message (and
online searching) indicates that this cache only allows remote connections
if authorization is enabled. I didn't see any mention of configuration
related to authentication or security for the remote caches in the
documentation either.
At this point we roped in a JDG expert (cc'ed here) and found some
additional Infinispan documentation[3] on how to add authentication to the
*remote* caches within the JDG configuration but nothing much in the way of
adding authentication to the client cache configuration inside RH-SSO that
didn't involve programmatic changes. After some additional searching we
found some info[4] detailing how to add security configurations to a
remote-cache configuration in Infinispan *9.1* but EAP 7.1 is only running
Infinispan *8.2* which doesn't have these changes.
How did you get this working?
Jared Blashka - Identity & Access Management
[1]
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.2/...
[2]
http://pastebin.test.redhat.com/559674
[3]
http://infinispan.org/docs/stable/server_guide/server_guide.html#general_...
[4]
https://docs.jboss.org/infinispan/9.1/configdocs/infinispan-cachestore-re...