Dave,
Do you mean when using NLBS (the windows clustering solution)? I was under
the impression that it could not do this.
-Mark
-Original Message-
From: Dave Ross [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 6:12 PM
To: CF-Talk
Subject: Re: cflogin and load balancing
Win2k3 will do sticky sessions when clustered using NLB
-Dave
>A hardware load balancer that provides for sticky sessions will work,
>if you can afford it.
>
>On 3/23/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
>
>--
>CFAJAX docs and other useful articles:
>http://jr-holmes.coldfusionjournal.com/
~~~
Just to complete this thread, since it's been linked to by several folks:
One customer in particular had issues ad we walked them through their code
issues. In particular, the following problems were found that prevented
CFLOGIN working in a clustered environment:
- There are nested cflogin ta
nope and nope.
I've setup JAAS in JRun, seems to work fine. In fact I setup a
serverwide SSO solution using JAAS where CF can interface with it
simply.
DK
On 3/28/06, Andy Allan <[EMAIL PROTECTED]> wrote:
> Isn't cflogin already based on JAAS? The CF (or indeed JRun)
> implementation just happe
Isn't cflogin already based on JAAS? The CF (or indeed JRun)
implementation just happens to be botched?
Andy
On 28/03/06, Douglas Knudsen <[EMAIL PROTECTED]> wrote:
> I've been wondering why the CF team has not switched over to using
> J2EE security. A rewrite of cflogin code that can use JAAS w
I've been wondering why the CF team has not switched over to using
J2EE security. A rewrite of cflogin code that can use JAAS would be
just swell and allow integration with non CF J2EE products without
messing with web.xml files and such, eh?
DK
On 3/27/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
>
On 3/26/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
> It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN
> call, that CFLOGIN call *won't* run when the second server sees your
> authentication cookie because CFLOGIN only runs when you are *not*
> authenticated.
Actually,
On 3/26/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
> And one more thing... SSL really doesn't matter because you're not going to
> use it everywhere on your site, only in some places, so everywhere else that
> doesn't use SSL is still exposed.
The whole application will use HTTPS.
Regards.
~~
usion Developers at
ProductivityEnhancement.com
- Original Message -
From: Jochem van Dieten
To: CF-Talk
Sent: Sunday, March 26, 2006 4:34 PM
Subject: Re: cflogin and load balancing
Adam Churvis wrote:
> It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOG
Adam Churvis wrote:
> It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN
> call, that CFLOGIN call *won't* run when the second server sees your
> authentication cookie because CFLOGIN only runs when you are *not*
> authenticated.
So what you do is assign one standard rol
ement.com
- Original Message -
From: Adam Churvis
To: CF-Talk
Sent: Sunday, March 26, 2006 1:18 PM
Subject: Re: cflogin and load balancing
And one more thing... SSL really doesn't matter because you're not going to
use it everywhere on your site, only in some pla
r
BlueDragon Alliance Founding Committee
Get advanced intensive Master-level training in
C# & ASP.NET 2.0 for ColdFusion Developers at
ProductivityEnhancement.com
- Original Message -
From: wolf2k5
To: CF-Talk
Sent: Saturday, March 25, 2006 5:02 AM
Subject: Re: cflogin and l
Subject: Re: cflogin and load balancing
On 3/24/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
> If I'm not mistaken, *authorization* (not authentication) can't work across
multiple CF servers -- clustered or not -- because there's no mechanism for
specifying *roles* on an
On 3/24/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
> If I'm not mistaken, *authorization* (not authentication) can't work across
> multiple CF servers -- clustered or not -- because there's no mechanism for
> specifying *roles* on any computer other than the one on which CFLOGINUSER
> was execu
training in
C# & ASP.NET for ColdFusion Developers at
ProductivityEnhancement.com
- Original Message -
From: wolf2k5
To: CF-Talk
Sent: Friday, March 24, 2006 4:26 PM
Subject: Re: cflogin and load balancing
On 3/23/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
On 3/23/06, Adam Churvis <[EMAIL PROTECTED]> wrote:
> ColdFusion Server is broken with respect to the CFLOGIN security framework
> working on a clustered system with failover. The reason is that the
> authentication cookie contains the authentication information but not any
> authorization (roles)
On 3/23/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> But I still wonder why the cflogin cookie includes the full login info
> (username/password base64 encoded), what does it need to then?
I stand corrected again!
I did further testing and the cflogin/cfloginuser code will
automatically login the use
On 3/23/06, Jochem van Dieten <[EMAIL PROTECTED]> wrote:
> If you have the username and password, why don't you log him in
> yourself?
What do you mean?
Thanks.
~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236118
wolf2k5 wrote:
>
> I take this back: I did better testing and the user is NOT
> automatically logged into the second server.
>
> Basically there is a cflogin limitation with simple DNS round robin
> load balancing (no clustering) on multiple web servers: the login
> session isn't shared between t
: "wolf2k5" <[EMAIL PROTECTED]>
To: "CF-Talk"
Sent: Thursday, March 23, 2006 12:56 PM
Subject: Re: cflogin and load balancing
> On 3/23/06, Dave Watts <[EMAIL PROTECTED]> wrote:
> > Yeah, I didn't get around to testing this, but I would have really bee
On 3/23/06, Dave Watts <[EMAIL PROTECTED]> wrote:
> Yeah, I didn't get around to testing this, but I would have really been
> surprised if this were true.
But I still wonder why the cflogin cookie includes the full login info
(username/password base64 encoded), what does it need to then?
> Build
> I take this back: I did better testing and the user is NOT
> automatically logged into the second server.
Yeah, I didn't get around to testing this, but I would have really been
surprised if this were true.
> What would be the better/easiest way of managing a logins on
> a load balanced appli
A hardware load balancer that provides for sticky sessions will work,
if you can afford it.
On 3/23/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> On 3/22/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> > To reply to my own question: it looks like that the cflogin cookie
> > includes the username/password info
On 3/22/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> To reply to my own question: it looks like that the cflogin cookie
> includes the username/password info (I think it's base64 encoded),
> when jumping from one server to another, the user is already logged
> into the second server.
I take this back:
On 3/22/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> Now I'm hitting a weird issue with cflogin, someontimes after using my
> app for a few time, I'm logged out automatically, I cannot reproduce
> the issue in a consistent way, but it happens once in a while.
BTW, I'm on ColdFusion MX 6.1 Updater (6,1
On 3/21/06, wolf2k5 <[EMAIL PROTECTED]> wrote:
> That's exactly what I'm wondering: does the cflogin cookie include all
> the info (username/password) needed to (automatically)
> (re)authenticate the user on a server if he previously authenticated
> on another server?
To reply to my own question:
On 3/21/06, Dave Watts <[EMAIL PROTECTED]> wrote:
> If you use round-robin DNS, it is unlikely that the user will be sent to one
> server, then another. When the user attempts to connect initially, the DNS
> server will issue one IP address, and that IP address will be cached for
> some time by the
> The user will have to login, before being able to use any
> feature of the application.
>
> I was thinking to use the CF security framework (cflogin,
> etc.) to manage authentication and authorization for my
> application.
>
> Most probably the application will reside on several web
> serve
28 matches
Mail list logo
