Jun 30, 2014 02:48 AM|Sergey78|LINK
We have an asmx web service which uses WSE 3.0 extension. The service runs on a web farm with hardware load balancer. For now we have to use sticky sessions on load balancer for the service. If we switch sticky sessions off then we get WSE910 error with
description "Security requirements not satisfied because security header is not present in the incoming message" for some calls (which are delivered by load balanced to "wrong" server). We use custom username token manager in our service.
So how should we configure service and client in order to force them work on a web farm?
According to this http://msdn.microsoft.com/en-us/library/aa529245.aspx article statefull security context token should be used. And we do set statefull token "true" in our service configuration file.
In this http://msdn.microsoft.com/en-us/library/ms996470.aspx article database persistent token cache is mentioned. But the article is about WSE 2.0. Is it relevant for WSE 3.0 too? Should we implement such persistent cache in our application?
Thanks in advance.