tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Owens" <David.Ow...@ngt.com>
Subject RE: Authentication problems with tomcat clustering.
Date Tue, 05 Apr 2005 13:25:43 GMT
Okay, not quite right...

I first hit tomcat1 though httpd.  When I submit I see successful
authentication in the log for tomcat2.  I then get the "Invalid direct
reference..." message.

I am now using mod_jk 1.2.10.

Still no idea why this is happening...

|)ave

-----Original Message-----
From: David Owens 
Sent: Tuesday, April 05, 2005 7:11 AM
To: tomcat-user@jakarta.apache.org
Subject: RE: Authentication problems with tomcat clustering.

I have done some further testing and have found what I think the problem
is, but I still do not know the solution. What is happening is that the
first time I access the webapp through httpd, I am getting the first
tomcat server.  I then type in my username and password and hit submit.
I see in the logs of the first tomcat server log the authentication
happening successfully, however, I am then redirected to the second
tomcat server where my session is not available.

 

I am using a 'lb' type load balancer, and by default it has sticky
sessions, so I wonder why I am being balanced over to the other tomcat.
Is this, perhaps, a question for the mod_jk team?  Is there such a
mailing list?

 

|)ave

 

-----Original Message-----
From: David Owens 
Sent: Monday, April 04, 2005 10:04 AM
To: 'tomcat-user@jakarta.apache.org'
Subject: Authentication problems with tomcat clustering.

 

I have setup load balancing and clustering between two Tomcat 5.5.7
instances and Apache 2.0.50 with mod_jk.  Almost everything works great.
I can fail back and forth between the 2 tomcat instances with no
trouble.  However, I am having problems with the form based
authentication.  I have an index.html file which redirects the user to a
secured resource.  When the user hits this file through Apache, it works
like normal, directing them to the login page.  However, when I attempt
to login I get "Invalid direct reference to form login page".  When I
look in the logs, I see the user is being authenticated, and the correct
roles are being found. If I continually try logging in, and hitting the
secure page, eventually I get in.  Then, if I bounce apache, the problem
starts again. If I login in the exact same manner directly against one
of the tomcat instances, everything works, and I continue to the secure
resource.  In addition, I have found that if I stop one tomcat instance,
I can login on the first try even when going through apache.  

 

It's worth noting, once I get successfully logged in once through apache
(after many tries), I can logout/in repeatedly with no problem.  Once I
bounce apache,

the problem starts again.

 

I think something strange is happening with the login stuff when tomcat
is clustered...  Maybe I'm logging into 1 tomcat successfully, but being
load balanced over

to the other one, and the session has not been completely replicated
yet?

 

Any one else out there have this issue, or have any ideas?

 

Thanks in advance!

 

|)ave


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message