Invalid connector configuration (RelationalDatabase) when database is unavailable
Cantor, Scott
cantor.2 at osu.edu
Wed Oct 11 10:36:04 EDT 2017
On 10/11/17, 10:25 AM, "users on behalf of Joseph Fischetti" <users-bounces at shibboleth.net on behalf of Joseph.Fischetti at marist.edu> wrote:
> I agree completely, which is why I want to build my configuration to be available, regardless of what happens to servers that are
> out of my control. I can build support for this SP/attribute, without relying on the backend database for unrelated attributes.
That's my point. I don't rely on servers that are out of my control when I can avoid it (authentication being one I can't avoid), and having data that's slightly out of date is for me a fine trade off to achieve that, so I cache most of it.
> I have no intentions of mirroring the database just for this specific SP, and I don't want users to lose access to other
> SSO/Federated services just because this one database has gone offline.
I wasn't aware it was specific to a single SP. That's a reasonable decision.
> Doesn't everything have a "realistic chance of failing"? However remote that may be?
Not really. A local MySQL cache on the same server with the IdP is not going to fail under any normal conditions unless the IdP itself is failing. I've run that way for 15 years and it's the best choice I made when I started out.
-- Scott
More information about the users
mailing list