tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Rossbach ...@objektpark.de>
Subject Re: problem with tomcat clusters sso with apache load balancer
Date Thu, 03 May 2007 18:16:22 GMT
Hi,

the clusterSSO implementation is not ready:

-	at normal shutdown from one application or a node all sessions are  
expired.
		clusterSSO is a normal session listener and context stop expires  
all sessions.
-	The sessionID rewrite from JvmRouteBinderValve are not coordinated  
with clusterSSO sessionID cache.
-	I have made some improvements at the tomcat 5.5 backport :-(

Peter


Am 03.05.2007 um 19:24 schrieb Filip Hanik - Dev Lists:

> I don't think the clusterSSO implementation ever really got  
> finished. It got submitted, but never completed.
> At least that was my impression of it
>
> Filip
>
> Alejandro Fernandez wrote:
>> Hi, I am Alejandro from Argentina.
>>
>> I am having an issue with tomcat 6.0.10 using clusters and single  
>> sign on, while performing load balance with apache 2.2
>>
>> When I am accessing a secured page, I try to login (the login form  
>> is shown correctly) but I receive the following:
>>
>> HTTP Status 400 - Invalid direct reference to form login page
>>
>> Note: The load balancer makes me switch between 2 tomcat servers.  
>> One switch by page request.
>>
>> Please tell me if the info is not enough.
>>
>> Thank you in advance.
>>
>> --------------------------------------------------------------------- 
>> -----
>> httpd.conf
>> --------------------------------------------------------------------- 
>> -----
>>
>> ....
>>
>> <Location /balancer-manager>
>> SetHandler balancer-manager
>> </Location>
>>
>> <Proxy balancer://cluster>
>> BalancerMember ajp://sismcarrizo:8009
>> BalancerMember ajp://servisitadores4:8009
>> </Proxy>
>>
>> <Proxy balancer://clusterb>
>> BalancerMember ajp://servisitadores4:8009
>> </Proxy>
>>
>> <Location /portal-a>
>> ProxyPass balancer://cluster/portal-a stickysession=JSESSIONID
>> </Location>
>>
>> <Location /portal-b>
>> ProxyPass balancer://clusterb/portal-b stickysession=JSESSIONID
>> </Location>
>>
>> <Location /portal-c>
>> ProxyPass balancer://cluster/portal-c stickysession=JSESSIONID
>> </Location>
>>
>> <Location /accesos-sso>
>> ProxyPass balancer://cluster/accesos-sso stickysession=JSESSIONID
>> </Location>
>>
>> ....
>>
>> --------------------------------------------------------------------- 
>> -----
>> server.xml
>> --------------------------------------------------------------------- 
>> -----
>> ....
>>
>>    <Engine name="Catalina" defaultHost="localhost">
>>
>>       <Cluster  
>> className="org.apache.catalina.ha.tcp.SimpleTcpCluster"  
>> channelSendOptions="8">
>>           <Manager  
>> className="org.apache.catalina.ha.session.DeltaManager"  
>> expireSessionsOnShutdown="false"                     
>> notifyListenersOnReplication="true"/>
>>
>>           <Channel  
>> className="org.apache.catalina.tribes.group.GroupChannel">
>>             <Membership  
>> className="org.apache.catalina.tribes.membership.McastService"
>>                         address="228.0.0.4"
>>                         port="45564"
>>                         frequency="500"
>>                         dropTime="3000"/>
>>             <Receiver  
>> className="org.apache.catalina.tribes.transport.nio.NioReceiver"
>>                       address="auto"
>>                       port="4000"
>>                       autoBind="100"
>>                       selectorTimeout="5000"
>>                       maxThreads="6"/>
>>
>>             <Sender  
>> className="org.apache.catalina.tribes.transport.ReplicationTransmitte 
>> r">
>>               <Transport  
>> className="org.apache.catalina.tribes.transport.nio.PooledParallelSen 
>> der"/>
>>             </Sender>
>>             <Interceptor  
>> className="org.apache.catalina.tribes.group.interceptors.TcpFailureDe 
>> tector"/>
>>             <Interceptor  
>> className="org.apache.catalina.tribes.group.interceptors.MessageDispa 
>> tch15Interceptor"/>
>>           </Channel>
>>
>>           <Valve  
>> className="org.apache.catalina.ha.tcp.ReplicationValve"
>>                  filter=""/>
>>           <Valve  
>> className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
>>
>>           <Deployer  
>> className="org.apache.catalina.ha.deploy.FarmWarDeployer"
>>                     tempDir="/tmp/war-temp/"
>>                     deployDir="/tmp/war-deploy/"
>>                     watchDir="/tmp/war-listen/"
>>                     watchEnabled="false"/>
>>
>>           <ClusterListener  
>> className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderList 
>> ener"/>
>>           <ClusterListener  
>> className="org.apache.catalina.ha.session.ClusterSessionListener"/>
>>         </Cluster>
>>
>>      <Valve  
>> className="org.apache.catalina.authenticator.SingleSignOn"  
>> debug="0"/>
>>       <Realm className="org.apache.catalina.realm.JDBCRealm"
>>                
>> driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver"
>>              connectionURL="jdbc:microsoft:sqlserver:// 
>> desa-0:1433;databasename=accesos;selectmethod=cursor"
>>               connectionName="accesosusr"
>>         connectionPassword="j1ra808fa"
>>               userTable="users"
>>         userNameCol="username"
>>         userCredCol="password"
>>              userRoleTable="user_role"
>>         roleNameCol="role"
>>         debug="99"
>>       />
>>
>>       <Host name="localhost" appBase="webapps" unpackWARs="true"  
>> autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
>>       </Host>
>> </Engine>
>> ....
>>
>> --------------------------------------------------------------------- 
>> -----
>> web.xml
>> --------------------------------------------------------------------- 
>> -----
>> ....
>>
>>  <!-- Define a Security Constraint on this Application -->
>>   <security-constraint>
>>     <web-resource-collection>
>>       <web-resource-name>portal-a</web-resource-name>
>>       <url-pattern>/mercados.jsp</url-pattern>
>>       <url-pattern>/mercados.page</url-pattern>
>>       <url-pattern>/mercados.jsf</url-pattern>
>>     </web-resource-collection>
>>     <auth-constraint>
>>        <!-- NOTE:  This role is not present in the default users  
>> file -->
>>        <role-name>accesos</role-name>
>>     </auth-constraint>
>>   </security-constraint>
>>
>>   <!-- Define the Login Configuration for this Application -->
>>   <login-config>
>>     <auth-method>FORM</auth-method>
>>     <realm-name>Portal A Application</realm-name>
>>     <form-login-config>
>>        <form-login-page>/login.jsp</form-login-page>
>>        <form-error-page>/error.jsp</form-error-page>
>>  </form-login-config>
>>   </login-config>
>>
>>   <!-- Security roles referenced by this web application -->
>>   <security-role>
>>     <description>
>>       The role that is required to log in to the Manager Application
>>     </description>
>>     <role-name>accesos</role-name>
>>   </security-role>
>>
>> <distributable/>
>> ....
>>    
>> --------------------------------------------------------------------- 
>> ---
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition. Version: 7.5.467 / Virus Database:  
>> 269.6.2/784 - Release Date: 5/1/2007 2:57 PM
>>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message