SDL Tridion Docs environment with ADFS
Example of a combined Content Manager, Dynamic Delivery and Collaborative Review network setup with ADFS integration.
The following clusters can fit in one SDL Tridion Docs deployment:
- Content Manager advanced server cluster.
- Dynamic Delivery advanced server cluster.
- Collaborative Review cluster.
Federation
ADFS is used as a Security Token Service for the federated services of Content Manager, Dynamic Delivery and Collaborative Review.
Content Manager
A collection of Front end servers behind a network load balancer serves the interactive functionality, and a collection of Back end servers serves the non-interactive functionality.
When designing a cluster like the above, pay special attention to the following items:
- Each Front end server behind the network load balancer is configured using the same certificate referring to the same host name.
- Every Back end server should be installed with its own certificate referring to its unique host name.
- For every federated service endpoint targeted from within the cluster (for example, Content Manager ISHWS), DNS resolution and network routing should be taken into consideration, depending on the network topology.
With a setup similar to this, all user clients such as browsers and client tools will target the network load balancing host name and thus one of the Front end servers. Any client running from within the cluster, behind the network load balancer, will still have access to any Back end server by using its designated host name.
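The certificate rules listed above can be checked against a server inventory before the cluster goes live. The following is an added example, not part of the product documentation; the inventory format, field names, host names and thumbprints are constructed assumptions.

```python
from collections import Counter

def cert_covers(host, names):
    """True if host matches a certificate name; '*.' covers one left-most label."""
    host = host.lower()
    for name in (n.lower() for n in names):
        if name == host:
            return True
        if name.startswith("*.") and host.partition(".")[2] == name[2:]:
            return True
    return False

def check_cluster(lb_host, servers):
    """Return findings for the Front end / Back end certificate rules."""
    findings = []
    front = [s for s in servers if s["role"] == "front"]
    back = [s for s in servers if s["role"] == "back"]
    front_thumbs = {s["thumbprint"] for s in front}
    # Front ends: one shared certificate that refers to the load balancer host name.
    if len(front_thumbs) > 1:
        findings.append("front ends present different certificates")
    for s in front:
        if not cert_covers(lb_host, s["names"]):
            findings.append(f"{s['host']}: certificate does not cover {lb_host}")
    # Back ends: an individual certificate that refers to the server's own host name.
    uses = Counter(s["thumbprint"] for s in back)
    for s in back:
        if not cert_covers(s["host"], s["names"]):
            findings.append(f"{s['host']}: certificate does not cover its own host name")
        if uses[s["thumbprint"]] > 1 or s["thumbprint"] in front_thumbs:
            findings.append(f"{s['host']}: certificate is shared with another server")
    return findings

# Constructed inventory (hypothetical hosts and thumbprints, not from the page).
LB_HOST = "docs.example.test"
GOOD = [
    {"host": "fe1.example.test", "role": "front", "thumbprint": "AA11", "names": [LB_HOST]},
    {"host": "fe2.example.test", "role": "front", "thumbprint": "AA11", "names": [LB_HOST]},
    {"host": "be1.example.test", "role": "back", "thumbprint": "BB22", "names": ["be1.example.test"]},
]
BAD = [
    {"host": "fe1.example.test", "role": "front", "thumbprint": "AA11", "names": [LB_HOST]},
    {"host": "fe2.example.test", "role": "front", "thumbprint": "CC33", "names": ["fe2.example.test"]},
    {"host": "be1.example.test", "role": "back", "thumbprint": "BB22", "names": ["be1.example.test"]},
    {"host": "be2.example.test", "role": "back", "thumbprint": "BB22", "names": ["be1.example.test"]},
]

if __name__ == "__main__":
    print("\n".join(check_cluster(LB_HOST, BAD)))
```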
Dynamic Delivery
The delivery servers can be scaled out behind a network load balancer. Commenting and search are provided from Back end services.
A deployment node is the target of publications from Content Manager. This node will be queried by each delivery server in the cluster.
Collaborative Review
The review installation provides the functionality for Collaborative Review. The source of the comments is the common commenting repository. This installation is integrated with ADFS to provide the Single Sign On experience.