tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Frieden <pfrie...@dChain.com>
Subject Re: how to maintain session between HTTP and HTTPS?
Date Sat, 09 Dec 2000 19:01:38 GMT
In a load balanced environment, this is tricky with people behind a IP
randomizing proxy (like AOL).  If you use all SSL, the load balancer can
track the SSL session ID across different IPs.  If you use all non-SSL,
you can track with a cookie.  You can use IP based sticky if the IP
stays the same.  Its tricky if you have to mix more than one of those.

What we're doing is using IP sticky with our load balancers, with mod_jk
sending all new sessions to the local server, and redistributing them to
the proper server if they aren't local.  I might write up a document
describing how we run Tomcat in this environment if anybody is
interested.

Paul

Mime
View raw message