You can set up multiple instances to authenticate with BlueCat Address Manager (BAM) behind a load balancer. This is useful for balancing distribution loads, or as part of a High Availaibilty strategy, to maintain functionality when a single instance fails or becomes otherwise unavailable. Once a user authenticates with the primary instance, any instance behind the load balancer can process any other incoming request from the same user without having to log in again.
IMPORTANT: When setting up behind a load balancer, you must configure all instances identically. In particular, the Secret key configured in all instances must be the same.
During authentication, the cookie is signed with the secret key and sent to the user's browser. If the secret key differs between instances, cannot unpack values from cookies and API requests will fail.
To set the secret key in a instance:
In , go to the General configuration page (click the
Navigator button in the top left corner, expand
Configurations, then click General
configuration).Scroll down to and expand the Certificates section.
In the Secret key field, enter the desired secret key value.