We are looking for a way to provide failover for ACS instances, so if one data-center goes offline, authentication via ACS automatically fails over into another data center.
Background:
We use ACS to transform SAML tokens that are provided by a custom-developed STS via the WS-Trust protocol. ACS is used to broker trust between our STS and a number of relying parties that are developed by 3rd parties. The relying parties are currently configured to connect to a specific ACS instance using its DNS URL.
We have looked into the following:
- Using a DNS CNAME entry to mask the ACS URL - doesn’t work because the new DNS name will not match the SSL cert on the instance, and we can’t control the SSL cert.
- Using a proxy in front of ACS to route the requests to it - doesn’t work because the To address and Realm in the messages don’t match the ACS namespace.
- Traffic Manager doesn’t work because of both 1 and 2, and because it won’t currently let you direct load to an address that doesn’t end in .cloudapp.net.
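To make the second failure mode concrete, here is an added diagnostic (not from the original post) that pulls the wsa:To address and the AppliesTo realm out of a WS-Trust RequestSecurityToken and checks whether the To host is the ACS namespace itself; the namespace host, the proxy host and the endpoint path are constructed placeholders.

```python
"""Report where a WS-Trust RST is addressed, so a message that reached ACS through a
proxy hostname can be spotted before ACS rejects it. Added example; hosts are constructed."""
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {
    "s": "http://www.w3.org/2003/05/soap-envelope",
    "wsa": "http://www.w3.org/2005/08/addressing",
    "wst": "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
}

def rst_addressing(rst_xml: str) -> dict:
    """Return the wsa:To URL, its host, and the AppliesTo (realm) URI carried in the RST."""
    root = ET.fromstring(rst_xml)
    to = root.findtext("s:Header/wsa:To", default="", namespaces=NS)
    realm = root.findtext(
        "s:Body/wst:RequestSecurityToken/wsp:AppliesTo/wsa:EndpointReference/wsa:Address",
        default="", namespaces=NS)
    return {"to": to, "to_host": urlparse(to).hostname or "", "realm": realm}

def to_matches_namespace(rst_xml: str, acs_namespace_host: str) -> bool:
    """True only when the message's To address names the ACS namespace host (case-insensitive)."""
    return rst_addressing(rst_xml)["to_host"].lower() == acs_namespace_host.lower()

def sample_rst(to_url: str, realm: str) -> str:
    # Constructed minimal RST envelope; a real RST also carries WS-Security headers.
    return f"""<s:Envelope xmlns:s="{NS['s']}" xmlns:wsa="{NS['wsa']}">
  <s:Header><wsa:To>{to_url}</wsa:To></s:Header>
  <s:Body>
    <wst:RequestSecurityToken xmlns:wst="{NS['wst']}" xmlns:wsp="{NS['wsp']}">
      <wsp:AppliesTo><wsa:EndpointReference><wsa:Address>{realm}</wsa:Address></wsa:EndpointReference></wsp:AppliesTo>
    </wst:RequestSecurityToken>
  </s:Body>
</s:Envelope>"""

# Hypothetical namespace host, proxy host and endpoint path, used only for illustration.
ACS_HOST = "contoso-example.accesscontrol.windows.net"
ENDPOINT = "/v2/wstrust/13/issuedtoken-symmetric"
DIRECT = sample_rst(f"https://{ACS_HOST}{ENDPOINT}", "https://rp.example.com/")
PROXIED = sample_rst(f"https://acs-proxy.example.com{ENDPOINT}", "https://rp.example.com/")

if __name__ == "__main__":
    for name, msg in (("direct", DIRECT), ("via proxy", PROXIED)):
        print(name, rst_addressing(msg), "To matches namespace:", to_matches_namespace(msg, ACS_HOST))
```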