-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 3/12/15 1:13 PM, Mark Thomas wrote: > On 12/03/2015 15:20, Sascha Skorupa wrote: >> Hi, >> >> here: >> >> http://grokbase.com/t/tomcat/users/13bvsbwb8s/multiple-servers-and-digest-authentication >> >> >> the same problem is described and the recommended solution is to use sticky load balancing. But, the problem in a tomcat cluster is that the session ID is generated after a successful authentication. The first http response (401 with Authentication Header) does not contain a session ID. >> >> How should sticky load balancing be configured or how to enforce >> session id generation before authentication? > > Most load-balancers have various options for doing this that don't > depend on the back-end server at all. Perhaps an option in Tomcat that will force the creation of a session when a DIGEST authentication is requested might be useful. This would tie e.g. mod_jk to the proper back-end server. I'm not sure how this could be done using mod_jk without such a feature, or changes to mod_jk itself to annotate the request with the chosen worker, which could then be converted into a cookie in order to keep the node-hint associated with the client. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVAwIvAAoJEBzwKT+lPKRYOc4P/2+nCQm+qwhJpz5hxEFaxebx Y34D5ZF9D4OEdGeaRKNj+mYfDPHDpkbI2Ks3bewf1esnIlA96F4oXPdkXMc2Gn/F 1ETNN78g5ulquya/AYmNjVq1fAtjoaiiisKpv5iM0DJIVA0EdH3T8yUoA9t4MwPc ndnt89eFfCeFi3FcJCP6EE1TFib+qWsBsAAwSP1J6JttzCDHviDjLt4aTABwBhXf AAPzD2kLZm69FjphNOLTqaFr0Ec8+uSCGjK+UuC8AgaXYScnxBg92Y80lgqPV77m 7A6TOIVx1O8e1/6Wj1JCk4YrTrjB+90nShkATgnXBy4/DO/jEtFP7QyRovCYbuwf 9kUdl/6IovpR4j4OyYQ8EUPQqXeT3fpKZDk4XiW3iqdRX+zSyBvi95Igd+H9QfEH gK1cMmeXQEdEY0XlgXU82iVNyzbl+JWma8QswiSnXEdYdxPUTKuaZkpx2W/757ID GFlYa87tbHQbfbSnBAx5SqaoIVKqZaob7fnVkD32b0uiaCqw7nxhuB8q/QeiY9e8 8lUoTrccj5Uo+5liBp5/0ztSjSkdIZmUQdLnGhaGDBA9t1zNeyOfbNSXQjHKeEJf l/tl7GNgQ+56pGrlwmuJLPQRTyjwcx+6B9SmpUhJly4YaxMS13Tk77azwVnjCEV4 RQu1uvmH9wOhNCocyyAe =TebI -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
