Page Comparison

You set up a cluster for WSO2 App Manager and create a distributed deployment of its four main components: Publisher, Store, Gateway, and Identity Provider. This page describes how to set up the distributed deployment in the following sections.

...

A Gateway node must be up and running for you to create apps through the Publisher.

Follow the steps below to configure the Publisher and Store to be in a single cluster domain. You need to configure both nodes as instructed below

1. Open the <APPM_HOME>/repository/conf/axis2/axis2.xml file and scroll down to the 'Clustering' section.

2. Set the 'enable' attribute of the <clustering> element to true.

   Code Block
   <clustering class="org.wso2.carbon.core.clustering.hazelcast.HazelcastClusteringAgent" enable="true">

3. Change the 'membershipScheme' parameter to 'wka'.

   Code Block
   <parameter name="membershipScheme">wka</parameter>

4. Provide a domain for the cluster.

   Code Block
   <parameter name="domain">wso2.pub.store.domain</parameter>

5. Specify the 'localMemberHost' and 'localMemberPort' parameters. If on the publisher, the 'localMemberHost' should be the publisher's IP address. The port value should be the port on which the Publisher will be listening for incoming cluster messages. Same applies to the Store.

   Code Block
   <parameter name="localMemberHost">192.168.10.1</parameter> <parameter name="localMemberPort">4000</parameter>

6. Specify well known member. When specifying the well known member, the Publisher should specify the Store information and the Store should specify the Publisher information. The port that we provide here should be equal to the 'localMemberPort' of the other member.

   Code Block
   <members> <member> <hostName>192.168.10.2</hostName> <port>4000</port> </member> </members>

7. Save and close the files and restart the servers (if running) for the changes to take effect.

...

To cluster App Manager, create a cluster of Gateway components. To cluster the Gateway component, use the steps in Clustering the App Manager Gateway.

Configuring the Identity Server as the IDP

This section includes steps on how to configure the WSO2 Identity Server as the identity provider (IDP). When the Identity Server is used as the IDP component, use the same configurations mentioned in the sections above for the Publisher, Store and Gateway. Use the IP of IS server as <IP of the IDP> in above configs.

1. Download the WSO2 Identity Server. Unzip the downloaded file into the server and rename the directory as IDP. The unzipped directory will be referred to as <IS_HOME> in this document.

2. Copy the MySQL JDBC driver JAR (mysql-connector-java-x.x.xx-bin.jar) into the <IS_HOME>/repository/components/lib directory of all the nodes in the cluster if you have not done so already.

3. If SQL commands in the Clustering App Manager 1.1.0 section are already executed, execute the following script also.
   

   Code Block
   mysql> drop database UM_DB; mysql> create database UM_DB; mysql> use UM_DB; mysql> source <IS_HOME>/dbscripts/mysql.sql; mysql> grant all on UM_DB.* TO username@localhost identified by "password";

    

4. Configure the datasource for UM database as follows:

1. Open the <IS_HOME>/repository/conf/datasources/master-datasources.xml file in the Identity Server component.

2. Enable IDP components to access the user's database by configuring the WSO2UM_DB datasource in the master-datasources.xml file as follows:
   

   Code Block
   language xml
   <datasource> <name>WSO2UM_DB</name> <description>The datasource used by user manager</description> <jndiConfig> <name>jdbc/WSO2UM_DB</name> </jndiConfig> <definition type="RDBMS"> <configuration> <url>jdbc:mysql://mysql-appm.wso2.com:3306/UM_DB?autoReconnect=true</url> <username>user</username> <password>password</password> <driverClassName>com.mysql.jdbc.Driver</driverClassName> <maxActive>50</maxActive> <maxWait>60000</maxWait> <testOnBorrow>true</testOnBorrow> <validationQuery>SELECT 1</validationQuery> <validationInterval>30000</validationInterval> </configuration> </definition> </datasource>

    

3. If The Identity Server is used as IDP, you must configure the Publisher, Store and Social service providers in the Identity Server. See Configuring a Service Provider for more information on how this configuration is done. Also see Configuring SAML2 Web Single-Sign-On since SAML2 is used to configure SSO. Create the three service providers as shown in the following configuration table.

   SP Name	Issuer	Assertion Consumer URL	Enable Response Signing	Enable Assertion Signing	Enable Single Logout	Enable Attribute Profile
   publisher	publisher	https://<IP of publisher>:9443/publisher/acs	True	True	True	True
   store	store	https://<IP of store>:9443/store/acs	True	True	True	True
   social	social	https://<IP of store>:9443/social/acs	True	True	True	True

   The following configurations are an example of how this is configured for the Publisher. The following steps must be done for the Store and Social service providers as well. 

   1. Sign in. Enter your username and password to log on to the Management Console. 

   2. Navigate to the Main menu to access the Identity menu. Click Add under Service Providers.
   3. Fill in the Service Provider Name and provide a brief Description of the service provider.
      Image Added
   4. Click Register.
   5. In the following page, expand Inbound Authentication Configuration and SAML2 Web SSO Configuration and click Configure.
      Image Added 
   6. In the page that appears, do the configurations listed in the table and click Register.
      Image Added
   7. Now do the same for the Store and Social service providers as well.