Layer 7 Access Management

Expand all | Collapse all

Using LDAP or DB is better for CA SSO session store?

Jump to Best Answer
  • 1.  Using LDAP or DB is better for CA SSO session store?

    Posted 09-30-2016 03:31 AM

    CA Directory and MS SQL both support using t as session store. However which option would be recommended for high loading requirement? 



  • 2.  Re: Using LDAP or DB is better for CA SSO session store?
    Best Answer

    Posted 09-30-2016 03:03 PM

    They are both supported and VIABLE options for sessions store

     

    ODBC has been around longer as a session store used by more customers

     

    CA Directory is newer: We have a number of large customers using this type of deployment, CA teams documented specific setting to fine tune CA directory as a sessions store

    https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/installing/configure-ldap-directory-server-policy-session-and-key-stores/configure-ca-directory-as-a-session-store



  • 3.  Re: Using LDAP or DB is better for CA SSO session store?

    Posted 10-01-2016 09:38 AM

    Thanks for your reply. If our environment having high performance requirement, which one shall we choose? As we know LDAP is fast for read but session store should involve lots of write action?



  • 4.  Re: Using LDAP or DB is better for CA SSO session store?

    Posted 10-03-2016 12:31 AM

    I would suggest to go with Ca Dir with the fact DB schema has limitation on # of characters it can store (especially on Artifact profile you will run into issues along with session persistence and SLO) even for high performance environments.Ca Engineering clearly mentioned  about it to us and asked us move from a DB to Ca Dir which is free for session store