Kerberos authentication for clustered servers with load balancer
In a clustered environment where Kerberos authentication is used to authenticate users, the load balancer forwards all Kerberos authentication information to the Spotfire Servers. No configuration on the load balancer is needed, but there are certain considerations to take into account when Kerberos authentication is set up.
These are the special considerations:
- Two Service Principal Names must be created for each Spotfire Server as well as for the load balancer.
- One keytab file must be created. This must use the fully qualified Service Principal Name of the load balancer.
- This keytab file must be copied to each Spotfire Server.
- When Kerberos authentication is set up, the fully qualified Service Principal Name of the load balancer must be provided.
Parent topic: Clustered server deployments
Related tasks
- Setting up a cluster of Spotfire Servers
- Configuring NTLM for a cluster of Spotfire Servers
- Terminating TLS in a load balancer or reverse proxy
- Streaming and WebSockets for load balanced servers
- Enabling health check URL for load balanced servers
- Configuring shared import and export directory for clustered deployments