tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: problem with tomcat clusters sso with apache load balancer
Date Thu, 03 May 2007 17:24:14 GMT
I don't think the clusterSSO implementation ever really got finished. It 
got submitted, but never completed.
At least that was my impression of it

Filip

Alejandro Fernandez wrote:
> Hi, I am Alejandro from Argentina.
>
> I am having an issue with tomcat 6.0.10 using clusters and single sign on, while performing
load balance with apache 2.2
>
> When I am accessing a secured page, I try to login (the login form is shown correctly)
but I receive the following:
>
> HTTP Status 400 - Invalid direct reference to form login page
>
> Note: The load balancer makes me switch between 2 tomcat servers. One switch by page
request.
>
> Please tell me if the info is not enough.
>
> Thank you in advance.
>
> --------------------------------------------------------------------------
> httpd.conf
> --------------------------------------------------------------------------
>
> ....
>
> <Location /balancer-manager>
> SetHandler balancer-manager
> </Location>
>
> <Proxy balancer://cluster>
> BalancerMember ajp://sismcarrizo:8009
> BalancerMember ajp://servisitadores4:8009
> </Proxy>
>
> <Proxy balancer://clusterb>
> BalancerMember ajp://servisitadores4:8009
> </Proxy>
>
> <Location /portal-a>
> ProxyPass balancer://cluster/portal-a stickysession=JSESSIONID
> </Location>
>
> <Location /portal-b>
> ProxyPass balancer://clusterb/portal-b stickysession=JSESSIONID
> </Location>
>
> <Location /portal-c>
> ProxyPass balancer://cluster/portal-c stickysession=JSESSIONID
> </Location>
>
> <Location /accesos-sso>
> ProxyPass balancer://cluster/accesos-sso stickysession=JSESSIONID
> </Location>
>
> ....
>
> --------------------------------------------------------------------------
> server.xml
> --------------------------------------------------------------------------
> ....
>
>    <Engine name="Catalina" defaultHost="localhost">
>
>       <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8">
>           <Manager className="org.apache.catalina.ha.session.DeltaManager" expireSessionsOnShutdown="false"

>                    notifyListenersOnReplication="true"/>
>
>           <Channel className="org.apache.catalina.tribes.group.GroupChannel">
>             <Membership className="org.apache.catalina.tribes.membership.McastService"
>                         address="228.0.0.4"
>                         port="45564"
>                         frequency="500"
>                         dropTime="3000"/>
>             <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
>                       address="auto"
>                       port="4000"
>                       autoBind="100"
>                       selectorTimeout="5000"
>                       maxThreads="6"/>
>
>             <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
>               <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
>             </Sender>
>             <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
>             <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
>           </Channel>
>
>           <Valve className="org.apache.catalina.ha.tcp.ReplicationValve"
>                  filter=""/>
>           <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
>
>           <Deployer className="org.apache.catalina.ha.deploy.FarmWarDeployer"
>                     tempDir="/tmp/war-temp/"
>                     deployDir="/tmp/war-deploy/"
>                     watchDir="/tmp/war-listen/"
>                     watchEnabled="false"/>
>
>           <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
>           <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
>         </Cluster>
>
>      <Valve className="org.apache.catalina.authenticator.SingleSignOn" debug="0"/>
>       <Realm className="org.apache.catalina.realm.JDBCRealm"
>               driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver"
>              connectionURL="jdbc:microsoft:sqlserver://desa-0:1433;databasename=accesos;selectmethod=cursor"
>               connectionName="accesosusr"
>         connectionPassword="j1ra808fa"
>               userTable="users"
>         userNameCol="username"
>         userCredCol="password"
>              userRoleTable="user_role"
>         roleNameCol="role"
>         debug="99"
>       />
>
>       <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
>       </Host>
> </Engine>
> ....
>
> --------------------------------------------------------------------------
> web.xml
> --------------------------------------------------------------------------
> ....
>
>  <!-- Define a Security Constraint on this Application -->
>   <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>portal-a</web-resource-name>
>       <url-pattern>/mercados.jsp</url-pattern>
>       <url-pattern>/mercados.page</url-pattern>
>       <url-pattern>/mercados.jsf</url-pattern>
>     </web-resource-collection>
>     <auth-constraint>
>        <!-- NOTE:  This role is not present in the default users file -->
>        <role-name>accesos</role-name>
>     </auth-constraint>
>   </security-constraint>
>
>   <!-- Define the Login Configuration for this Application -->
>   <login-config>
>     <auth-method>FORM</auth-method>
>     <realm-name>Portal A Application</realm-name>
>     <form-login-config>
>        <form-login-page>/login.jsp</form-login-page>
>        <form-error-page>/error.jsp</form-error-page>
>  </form-login-config>
>   </login-config>
>
>   <!-- Security roles referenced by this web application -->
>   <security-role>
>     <description>
>       The role that is required to log in to the Manager Application
>     </description>
>     <role-name>accesos</role-name>
>   </security-role>
>
> <distributable/>
> ....
>   
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.467 / Virus Database: 269.6.2/784 - Release Date: 5/1/2007 2:57 PM
>   


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message