Oops. My orignal post is here (
http://www.nabble.com/Clustered-SSO-improperly-invalidated-upon-web-application-shutdown-to19447895.html#a19447895).
It might descirbe the problem better to see if this is the same issue you
are facing.
On Mon, Sep 22, 2008 at 9:45 AM, Shaun Senecal <[EMAIL PROTECTED]>wrote:
> Are you using the ClusterSingleSignOn Valve? If you are, this sounds like
> the behaviour I was seeing, and have since resolved. The problem I had
> (well, part of the problem) was that the SSO information was not being
> replicated across the cluster when tomcat instances were brought back up.
> This meant that as long as the user was connecting to one of the -original-
> cluster instances everything was ok. However, as soon as the client gets
> directed to one of the newly brought up instances they have no SSO info and
> are prompted for login.
>
> The solution was relatively simple. I had to extend the
> ClusterSingleSignOn and ClusterSingleSignOnListener classes to ensure that
> A, when an instance is brought down the SSO information is not deactivated
> across the cluster and, B, that when an instance is brought back up that it
> syncs with the cluster to gather all currently known SSO info.
>
> I am planning on merging the information into the ClusterSingleSignOn and
> ClusterSingleSignOnListener classes and proposing a patch to Tomcat, but no
> one has responded to my original post and I havent had the chance to truley
> verify my fix. It seems to be running and has been for a while now, but I
> wouldnt put it into a production system just yet.
>
> S.
>
>
> On Sun, Sep 21, 2008 at 3:08 PM, Stephen Nelson-Smith <[EMAIL
> PROTECTED]>wrote:
>
>> Good morning,
>>
>> > By "error", I just meant that I'd get redirected to the login page
>> > instead of the expected page. Sorry to confuse. There are no error
>> > pages, logs or messages. Just that I got switched to a different node.
>>
>> <snip>
>>
>> >> If you want to debug a little more: In Tomcat you can add a
>> >> %S to your log pattern, which will log the session id. In
>> >> httpd you can log the Set-Cookie outgoing header
>> >> "%{Set-Cookie}o" and the JSESSIONID cookie "%{JSESSIONID}C".
>> >> If you are not using cookies, you can of course see the
>> >> jsessionid path parameter dircetly in the logged URL.
>> >
>> > Thanks. I'll do that. (First time apache troubleshooter here). I'll get
>> > back on the results.
>>
>> Did you get this to work? I have exactly the same problem. Apache
>> 2.2 using mod_proxy_ajp with 3 x tomcat 6 instances behind it. If I
>> remove two of the tomcats from the balancer pool, the application
>> works. When I put them back in, I can log into one of the servers,
>> but as soon as I change screens on the application, I'm logged out.
>> This is because if the application detects a session change, it logs
>> the user out. I need the load-balancer to direct traffic to the same
>> tomcat server on which the session began unless that server is down.
>>
>> S.
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
