Login
    Contenu x
    Replication Process
    • 07 Jan 2025
    • 3 Minutes à lire
    • Impression
    • Sombre
      Lumière
    • PDF
    Contenu

    Replication Process

    • Mis à jour le 07 Jan 2025
    • 3 Minutes à lire
    • Impression
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Replication consists of two separate steps:

    1. Writing a data update to the replication queue (creating a replication entry). The process that writes to the replication queue is run before any data changes are committed to the database. If the data change cannot be written to the replication queue – usually because the replication queue file has exceeded the maximum size allowed – the data change will not be committed to the database.

      You can configure OneSpan Authentication Server Appliance to send warning notifications when the replication queue file size exceeds a specified size threshold before reaching the maximum size limit. For more information, refer to the Administration Web Interface Help or the Configuration Tool Help.

      Writing to the replication queue

      Figure: Writing to the replication queue

    2. Sending a replication entry to another OneSpan Authentication Server instance. This step sends replication entries from a replication queue to the required OneSpan Authentication Server instance. If the destination OneSpan Authentication Server instance cannot write the change to its database, it returns a failure message. The process will do the following:

      1. Leave the entry in the queue.
      2. Set a retry time for the entry, depending on the Retry Interval set in the Configuration Utility.
      3. Perform another replication attempt for the entry according to the number of retries set in the Configuration Utility. If the maximum number of retries is reached, the entry is removed from the queue and its details audited.
        Sending replication queue entry

        Figure: Sending replication queue entry

      This does not include connection problems to the other OneSpan Authentication Server instance. Queue retries will be suspended, until the connection is re-established.

    Connection handling (with replication)

    When the VASCO IAS Web Administration service is started, OneSpan Authentication Server will establish a connection to each destination OneSpan Authentication Server instance configured for replication. OneSpan Authentication Server will keep this connection open until the service is stopped or the connection is broken. If the connection is broken, it will attempt to reconnect after the minimum reconnect interval set in the OneSpan Authentication Server configuration has elapsed. If that fails, it will continue to attempt reconnection at increasing time intervals until it reaches the maximum reconnect interval. OneSpan Authentication Server will continue to attempt reconnection at the maximum reconnect interval until it succeeds.

    OneSpan Authentication Server ceases replication efforts to the target OneSpan Authentication Server instance until the connection is re-established. This means that entries in the queue will not be lost, because of a broken connection. Replication to other OneSpan Authentication Server instances will not be affected, i.e. each replication link is independent.

    A manual reconnect may be attempted at any time using the Administration Web Interface.

    OneSpan Authentication Server will not accept replication updates from another machine, unless it has a configured component record for that machine where Component Type is set to IDENTIKEY Authentication Server.

    Replication monitoring

    Replication operations record dedicated audit messages in the following circumstances:

    • A connection succeed or failed.
    • A replication entry was sent successfully.
    • A replication entry could not be sent.
    • A replication entry was received and the receiving server returned a data update success message.
    • A replication entry was received and the receiving server returned a data update failure message.

    The OneSpan Authentication Server Administration Web Interface provides a Replication Status page. This page allows you to verify the current replication status for a specific OneSpan Authentication Server instance. It also includes the number of entries currently in the replication queue.

    Forwarding replication entries

    Replication forwarding is required, where more than two OneSpan Authentication Server instances are replicating, either in a simple replication chain or more sophisticated arrangement.

    The ID of the source OneSpan Authentication Server instance and the target OneSpan Authentication Server instance(s) are added to the replication entry. This allows the receiving OneSpan Authentication Server instance to verify which other OneSpan Authentication Server instance the replication entry has already been sent. It will forward the entry only to those OneSpan Authentication Server instances not listed.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle