Return-Path: Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list tomcat-dev@jakarta.apache.org Received: (qmail 83029 invoked from network); 14 Dec 2000 15:25:41 -0000 Received: from web11204.mail.yahoo.com (216.136.131.186) by locus.apache.org with SMTP; 14 Dec 2000 15:25:41 -0000 Message-ID: <20001214152540.10461.qmail@web11204.mail.yahoo.com> Received: from [216.27.75.2] by web11204.mail.yahoo.com; Thu, 14 Dec 2000 07:25:40 PST Date: Thu, 14 Dec 2000 07:25:40 -0800 (PST) From: Weigen Liang Subject: Re: how to maintain session between HTTP and HTTPS? To: tomcat-dev@jakarta.apache.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N --- Paul Frieden wrote: > In a load balanced environment, this is tricky with > people behind a IP > randomizing proxy (like AOL). If you use all SSL, > the load balancer can > track the SSL session ID across different IPs. If > you use all non-SSL, > you can track with a cookie. You can use IP based > sticky if the IP > stays the same. Its tricky if you have to mix more > than one of those. > > What we're doing is using IP sticky with our load > balancers, with mod_jk > sending all new sessions to the local server, and > redistributing them to > the proper server if they aren't local. I might > write up a document > describing how we run Tomcat in this environment if > anybody is > interested. Please write up a doc, and post it on the list. Thanks. Weigen __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/