tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shaun Senecal" <>
Subject Re: mod_ajp and Load-Balancing Issue
Date Mon, 22 Sep 2008 00:45:28 GMT
Are you using the ClusterSingleSignOn Valve?  If you are, this sounds like
the behaviour I was seeing, and have since resolved.  The problem I had
(well, part of the problem) was that the SSO information was not being
replicated across the cluster when tomcat instances were brought back up.
This meant that as long as the user was connecting to one of the -original-
cluster instances everything was ok.  However, as soon as the client gets
directed to one of the newly brought up instances they have no SSO info and
are prompted for login.

The solution was relatively simple.  I had to extend the ClusterSingleSignOn
and ClusterSingleSignOnListener classes to ensure that A, when an instance
is brought down the SSO information is not deactivated across the cluster
and, B, that when an instance is brought back up that it syncs with the
cluster to gather all currently known SSO info.

I am planning on merging the information into the ClusterSingleSignOn and
ClusterSingleSignOnListener classes and proposing a patch to Tomcat, but no
one has responded to my original post and I havent had the chance to truley
verify my fix.  It seems to be running and has been for a while now, but I
wouldnt put it into a production system just yet.


On Sun, Sep 21, 2008 at 3:08 PM, Stephen Nelson-Smith <>wrote:

> Good morning,
> > By "error", I just meant that I'd get redirected to the login page
> > instead of the expected page. Sorry to confuse. There are no error
> > pages, logs or messages. Just that I got switched to a different node.
> <snip>
> >> If you want to debug a little more: In Tomcat you can add a
> >> %S to your log pattern, which will log the session id. In
> >> httpd you can log the Set-Cookie outgoing header
> >> "%{Set-Cookie}o" and the JSESSIONID cookie "%{JSESSIONID}C".
> >> If you are not using cookies, you can of course see the
> >> jsessionid path parameter dircetly in the logged URL.
> >
> > Thanks. I'll do that. (First time apache troubleshooter here). I'll get
> > back on the results.
> Did you get this to work?  I have exactly the same problem.  Apache
> 2.2 using mod_proxy_ajp with 3 x tomcat 6 instances behind it.  If I
> remove two of the tomcats from the balancer pool, the application
> works.  When I put them back in, I can log into one of the servers,
> but as soon as I change screens on the application, I'm logged out.
> This is because if the application detects a session change, it logs
> the user out.  I need the load-balancer to direct traffic to the same
> tomcat server on which the session began unless that server is down.
> S.
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message