U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Ping Identity PT-AM-CPE Exam - Topic 5 Question 13 Discussion

In a multi-server deployment, what is the impact of not ensuring stickiness in the load balancer configuration?
D) Performance may decrease as load on the system will be higher
A) Session failover will not work
B) The browser will not be able to validate the user session with the correct PingAM server
C) The user will see more redirects in their browser

Ping Identity PT-AM-CPE Exam - Topic 5 Question 13 Discussion

Actual exam question for Ping Identity's PT-AM-CPE exam
Question #: 13
Topic #: 5
[All PT-AM-CPE Questions]

In a multi-server deployment, what is the impact of not ensuring stickiness in the load balancer configuration?

Show Suggested Answer Hide Answer
Suggested Answer: D

In a high-availability PingAM 8.0.2 cluster, the Load Balancer (LB) is responsible for distributing traffic across multiple AM instances. Session Stickiness (also known as session affinity) ensures that all requests from a specific user session are routed to the same AM server that initially created the session.

According to the PingAM 'Deployment Planning' and 'Load Balancing' documentation, PingAM is designed to be 'sticky-preferred' but not 'sticky-required' if the Core Token Service (CTS) is used. If stickiness is not ensured:

Performance Impact: Every time a user request lands on a different AM server (Server B) than the one that holds the session in local memory (Server A), Server B must query the CTS (External Store) to retrieve the session details, deserialize the object, and reconstruct the session state. This cross-server look-up introduces significant latency and increases the load on the PingDS instances hosting the CTS.

CTS Load: Without stickiness, every single request becomes a 'Global' session lookup. This drastically increases the I/O and CPU overhead on the back-end directory servers, potentially leading to performance degradation of the entire identity platform.

Why other options are incorrect:

Option A: Session failover requires the CTS, but stickiness actually minimizes the need for failover logic during normal operation. Failover still works without stickiness, it just becomes the 'default' behavior for every request.

Option B: AM servers in a cluster share the same encryption keys and back-end stores. Any server can technically validate a session by looking it up in the CTS; the browser doesn't 'know' which server is correct.

Option C: Redirects are handled at the application logic level. While some internal processing changes, it doesn't necessarily result in extra browser-level HTTP redirects.

Thus, the primary negative impact of lacking stickiness in a correctly configured cluster is a decrease in performance (Option D) due to the constant session synchronization overhead.

============


Contribute your Thoughts:

0/2000 characters

Currently there are no comments in this discussion, be the first to comment!


Save Cancel