Helix Core Server Administrator Guide: Multi-Site Deployment (2019.2)

Authenticating users

Users must have a ticket for each server they access. The best way to handle this requirement is to set up a single login to the master, which is then valid across all replica instances. This is particularly useful with failover configurations, when you would otherwise have to re-login to the new master server.

You can set up single-sign-on authentication by using two configurables:

  • Set auth.id to the same value for all servers participating in a distributed configuration.
  • Enable rpl.forward.login (set to 1) for each replica participating in a distributed configuration.

There might be a slight lag while you wait for each instance to replicate the db.user record from the target server.