Documentation Center

SDL LiveContent Environment with InfoShareSTS

SDL LiveContent Architect, SDL LiveContent Reach, SDL Enrich integrated with InfoShareSTS

This topic describes how an SDL LiveContent Architect Advanced server cluster deployment fits in the SDL LiveContent deployment.

A collection of Front end server behind a network load balancer serve the interactive functionality and a collection of Back end server serve the non interactive functionality.

InfoShareSTS is used as the Security Token Service as part of the Web role.

When designing a cluster like the above you should take special notice for the following items.

  • Each Front end server behind the network load balancer is configured using the same certificate referring to the same host name.
  • Every Back end server should be installed with its own certificate referring to its unique host name.
  • For every federated service endpoint e.g. SDL LiveContent Architect InfoShareWS, targeted from within the cluster, DNS resolving and network routing should be taken into consideration depending on the network topology.
  • InfoShareSTS cannot be shared across different servers. As a result:
    • Every InfoShareSTS on every server on the cluster requires configuration for all federated services for which it can potentially issue a token.
    • InfoShareSTS on every Front end server has configuration based on the network load balancer hostname and certificate. Also it must have all required configuration relevant to other federate services as their endpoints are recognized from outside the cluster.
    • InfoShareSTS on every Back end server has configuration based on the specific hostname and certificate of the server. This InfoShareSTS will be used by all entities of the same Back end server. All federated services integrated with SDL LiveContent Architect are required to be configured on the InfoShareSTS on every Back end server, using endpoints relevant to configured DNS resolving and network routing.

With a setup similar to this all user clients like browsers and client tools will target the network load balancing hostname and thus one of the Front end server. Any client that is running from within the cluster behind the network load balance will still have access to any Back end server by using its designated host name.

Figure 1. SDL LiveContent advanced deployment with InfoShareSTS