I’ve played around with privacyidea. Getting a working setup was really straightforward. The product looks very promising!
To test if the product meets my production requirements, I also tried MySQL replication in a Master-Master setup. The following test case failed in my setup:
disconnect the two master MySQL servers from each other (create a split brain)
cause a (first time) failed login attempt on both sites for a specific token
re-connect the two MySQL servers
Replication fails at this point. It fails on replicating an INSERT query in the tokeninfo table.
Before adding a ton of details to this question. I’d like to know the answer to these questions:
How mature is Master-Master replication in the application?
Where can I find detailed documentation on this topic? That would be very helpful to complete this Proof Of Concept.
There is no “Master-Master-Replication in this application”. It is pure MySQL. No application logic. So: Totally mature. 100% perfect in this application!
If you serious about this, you should
a) consider getting professional help
b) use privacyIDEA Enterprise Edition, which has an appliance feature to setup master master.
i also had a test setup with master-master replication (mysql). I would not say it was flawless and yes, it did had some mysql errors specifically 1032 when one slave for whatever reasons suddenly stops and the database could not insert some query in a table. But you can easily create a workaround for this using cronjobs that will auto-resync your databases. You probably also have to configure your db with guids etc. So yeah, like what @cornelinux said, i also think the better option would be to get professional help to set up your privacyidea server which will suit your needs.