Hello Community,
What would be your take on planning a multi-site architecture in which protected web apps are deployed on-premise and in the cloud (AWS, Azure, Google, etc.) across multiple data centers?
I've gone through the architectural use cases described in docops
https://docops.ca.com/ca-single-sign-on/12-8/en/implementing/implementing-ca-single-sign-on/architectural-use-cases
but they all seem to be very high level and do not cover the following cases:
1. User self-service such as credential management (password, 2FA): distributed and replicated, or centralized?
2. User session management when authorization decisions are made based on session variables: session store replication?
3. How to tackle the race condition between login at one site and service consumption at a different site when MW replication suffers latency?
4. Single logout and federation?
5. Protected legacy applications in one site and React/Angular in another?
Seems like JWT authentication is the way to go with CA SSO (without SMSESSION cookie generation) and CA API Gateway, but we lose persistent session data and SLO for federation.
I am lost.