Single Sign on with high availability and remote access requires an advanced setup of load balanced authentication proxy and services behind it. Session management of authenticated state must align with the stickiness of service instances. Both are maintained through http-only cookies and Appshare PWA is not aware of them. The browser must be directed through all steps to establish the sticky and authenticated states through cookies.
When the infrastructure has the following components
- Load balancer
- Which requires authentication through identity provider
- Multiple instances of services for high availability and failover
- AIS Server which has a server-side session
- Appshare local node for shared domain with AIS Server
- Transparent Logon for identity provider username mapping