Reject duplicate users in a Global Scale deployment

[pmarini-nc]

In a Global Scale deployment, duplicate users should be rejected.

For example if we have two nodes gs-node01 and gs-node02, we shouldn't make it possible to have

user1@gs-node01
user1@gs-node02

in the users table as this situation leads to inconsistent behavior: to which node is the user redirected when he/she logs into the instance through the Global Site Selector Node?

The fact that is a Global Scale deployment can be based on the GLOBAL_SCALE boolean flag.

Note that this check should be done before creating the user locally in the Global Scale Node to avoid creating another inconsistent situation in which the user is created in the Global Scale Node but not in the Lookup Server. See this issue as an example of this scenario.

[ArtificialOwl]

While this might be true, this cannot be the default behavior. We have to assume that some setup can have same accountId on 2 different instance.

[pmarini-nc]

Can you please elaborate? How the Lookup Server would know whether to redirect user1 to gs-node01 or gs-node02?

[ArtificialOwl]

by specifying user1@gs-node01 or user1@gs-node02 in the login box

[pmarini-nc]

One of they key points of Global Scale, if I well understood, is to give the user the experience of a plain instance, so that users do not expect to enter their domain in the login box. In your view, all the users should enter the global scale node in which they are defined in the login box?

[ArtificialOwl]

Globalscale can be used in different ways. I do not see the issue having namesake account on different instance; not having one user with multiple account on different instance.

On a side note, this will require some work on server side to not create account on the decision of the LUS ?