tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vaneet Sharma" <>
Subject RE: Authentication problems with tomcat clustering.
Date Tue, 05 Apr 2005 13:12:45 GMT

I suggest u do step by step again
You will find the bug.

Start from basic . First run one ... And then try loadbalancer.. Later


-----Original Message-----
From: David Owens [] 
Sent: Tuesday, April 05, 2005 3:11 PM
Subject: RE: Authentication problems with tomcat clustering.

I have done some further testing and have found what I think the problem
is, but I still do not know the solution. What is happening is that the
first time I access the webapp through httpd, I am getting the first
tomcat server.  I then type in my username and password and hit submit.
I see in the logs of the first tomcat server log the authentication
happening successfully, however, I am then redirected to the second
tomcat server where my session is not available.


I am using a 'lb' type load balancer, and by default it has sticky
sessions, so I wonder why I am being balanced over to the other tomcat.
Is this, perhaps, a question for the mod_jk team?  Is there such a
mailing list?




-----Original Message-----
From: David Owens 
Sent: Monday, April 04, 2005 10:04 AM
To: ''
Subject: Authentication problems with tomcat clustering.


I have setup load balancing and clustering between two Tomcat 5.5.7
instances and Apache 2.0.50 with mod_jk.  Almost everything works great.
I can fail back and forth between the 2 tomcat instances with no
trouble.  However, I am having problems with the form based
authentication.  I have an index.html file which redirects the user to a
secured resource.  When the user hits this file through Apache, it works
like normal, directing them to the login page.  However, when I attempt
to login I get "Invalid direct reference to form login page".  When I
look in the logs, I see the user is being authenticated, and the correct
roles are being found. If I continually try logging in, and hitting the
secure page, eventually I get in.  Then, if I bounce apache, the problem
starts again. If I login in the exact same manner directly against one
of the tomcat instances, everything works, and I continue to the secure
resource.  In addition, I have found that if I stop one tomcat instance,
I can login on the first try even when going through apache.  


It's worth noting, once I get successfully logged in once through apache
(after many tries), I can logout/in repeatedly with no problem.  Once I
bounce apache,

the problem starts again.


I think something strange is happening with the login stuff when tomcat
is clustered...  Maybe I'm logging into 1 tomcat successfully, but being
load balanced over

to the other one, and the session has not been completely replicated


Any one else out there have this issue, or have any ideas?


Thanks in advance!



Vaneet Sharma
executive manager	
iDeasTank Limited	
an iwg business
dolphins' court po 388
valletta, m-malta/europe
mobile:	 +356 9943 8263
fax:	 +356 9952 8888
phone:	 +356 9942 8888
call me on - my ID is CALLVANEET

Want a signature like this? -\signature

iwg is a global e-mobile company creating, building and growing new businesses.  iwg founders
are pioneers in creating multi-billion dollar mobile and Internet businesses in Europe, Asia
and the US.

Privileged/Confidential Information may be contained in this message.  If you are not the
addressee indicated in this message (or responsible for delivery of the message to such person),
you may not copy or deliver this message to anyone. In such case, you should destroy this
message and kindly notify the sender by reply email.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message