Server-side JPAStorageService using an eventually consistent database
Cantor, Scott
cantor.2 at osu.edu
Fri Nov 25 12:05:52 EST 2016
On 11/24/16, 2:15 AM, "users on behalf of Martin Haase" <users-bounces at shibboleth.net on behalf of Martin.Haase at DAASI.de> wrote:
> we are about to investigate what happens if the current IdP's
> JPAStorageService implementation will be connected to an eventually
> consistent database cluster.
In general, it's not advisable, but it depends on the specifics of each storage client. In some respects the client storage service now is "kind of" eventually consistent. There are race conditions possible and the risk of records being lost in some cases but because it's used for the session cache primarily, the main outcome is just more frequent login, or possibly some risk of logout failure (taking logout from "impossible" to "slightly more impossible").
There are use cases involving server side storage where those risks are much greater and involve loss of replay cache integrity or even more importantly failures to handle artifacts or CAS tickets leading to login failure at services.
> Before pursuing this further, I would be happy if you could share
> experience (if any) or general estimates on this.
I think there are much better choices, personally, in the majority of cases.
-- Scott
More information about the users
mailing list