A cluster relationship synchronizes, or replicates, HTTP Federation (HFED) application sign-in credentials stored in keychain data on the source cluster, with keychain data stored on the target cluster. This enables users with credentials from the source cluster to access the same credentials on the target cluster. After synchronization, users with sign-in credentials in the source cluster have the same credentials in the target cluster.
Note:This information does not apply to the identity router embedded in RSA Authentication Manager.
Cluster relationships enable high availability (HA) between clusters, as described in the following examples.
In the event of an unplanned outage on the source cluster, service is restored automatically by switching to the target cluster. Users with identity router sessions on the source cluster are automatically prompted to sign in again, using the same credentials on the target cluster. The location of the cluster storing credentials is transparent to users.
With geographically distributed clusters, users traveling between two locations can seamlessly access their HFED applications with the same credentials stored in both cluster locations.
In the event of disaster, you can restore service to a source cluster by overwriting keychain data with a backup copy of user keychain data from the target cluster.