Hi Nicolas, Please find the answers.
1. If you just download the Nginx, you won't get the sticky sessions module in there. But with Nginx Plus you can get the sticky session module. Also if you compile the Nginx source code, then you get a chance to include the sticky session module. 2. We have OAuth2 by default and GW does the key validation call to the Key manager. The current implementation does not support to share the tokens as we share folders. You can use JWT tokens which are self-contained access tokens. This is supported in APIM 2.5.0 API microgateway. 3. In apps, we maintain Jsession cookie for UI apps. For an example, let's consider you have fronted the publisher app with an LB. When you login to the publisher app, it goes to the publisher node 1 where you enter the credentials. When the login call is successful, the user should redirect to the API listing in the publisher node. If you haven't set the Jsession cookie in the LB, you will redirect to the publisher node 2 due to the round-robin behavior. As the publisher node 2 does not have the valid session for the user as the Jsession cookie is not found, the user will redirect to the login page again. When you enable Jsession cookie in LB, it will always point the user to the same publisher node. Thank you! On Sun, Sep 16, 2018 at 2:46 PM Nicolas Maujean < [email protected]> wrote: > Hi Tharindu, > > Thank you for your feedback. > > Some More questions : > - Why don’t use the sticky module of nginx which is free but nginx plus ? > - why validate tokens ? With share folder, tokens is not shared ? > - I don’t understand for UI components, can you provide me an example ? > > Best regards, > > Nicolas Maujean > > > > Le dim. 16 sept. 2018 à 10:53, Tharindu Dharmarathna <[email protected]> > a écrit : > >> Hi Nicolas, >> >> The sticky session in API MAnager is needed to manage the >> following aspects. >> >> 1. In all UI components, it needs to manage to keep session affinity for >> keep session with the same instance >> 2. For all Admin Service Calls which use to validate tokens, Create APIS, >> etc between nodes. it uses a session for not to re-authenticate with >> servers. >> 3. In Gateway Component it does not need to have session affinity for the >> services you expose as rest API whereas you do not use any session related >> data. >> >> Thanks >> >> >> >> >> On Fri, Sep 14, 2018 at 3:45 PM Nicolas Maujean < >> [email protected]> wrote: >> >>> hi, >>> >>> I woud like to understand why nginx plus is needed to manage wso2 api >>> in active-active whereas we could install the sticky module of nginx ? >>> >>> <http://goog_194591379> >>> >>> http://gravitronic.com/compiling-the-nginx-sticky-session-module-in-ubuntu/ >>> >>> If my service or stateless, the sticky session is needed >>> >>> best regards, >>> >>> Nicolas Maujean >>> >> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> >>> >> >> -- >> >> *Tharindu Dharmarathna*Associate Technical Lead >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94779109091* >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Senior Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774078049 <%2B94772207163>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
