Dave,
Do you mean when using NLBS (the windows clustering solution)? I was under
the impression that it could not do this.
-Mark
-Original Message-
From: Dave Ross [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 6:12 PM
To: CF-Talk
Subject: Re: cflogin and load balancing
Just to complete this thread, since it's been linked to by several folks:
One customer in particular had issues ad we walked them through their code
issues. In particular, the following problems were found that prevented
CFLOGIN working in a clustered environment:
- There are nested cflogin
Win2k3 will do sticky sessions when clustered using NLB
-Dave
A hardware load balancer that provides for sticky sessions will work,
if you can afford it.
On 3/23/06, wolf2k5 [EMAIL PROTECTED] wrote:
--
CFAJAX docs and other useful articles:
http://jr-holmes.coldfusionjournal.com/
Isn't cflogin already based on JAAS? The CF (or indeed JRun)
implementation just happens to be botched?
Andy
On 28/03/06, Douglas Knudsen [EMAIL PROTECTED] wrote:
I've been wondering why the CF team has not switched over to using
J2EE security. A rewrite of cflogin code that can use JAAS
nope and nope.
I've setup JAAS in JRun, seems to work fine. In fact I setup a
serverwide SSO solution using JAAS where CF can interface with it
simply.
DK
On 3/28/06, Andy Allan [EMAIL PROTECTED] wrote:
Isn't cflogin already based on JAAS? The CF (or indeed JRun)
implementation just happens
On 3/26/06, Adam Churvis [EMAIL PROTECTED] wrote:
And one more thing... SSL really doesn't matter because you're not going to
use it everywhere on your site, only in some places, so everywhere else that
doesn't use SSL is still exposed.
The whole application will use HTTPS.
Regards.
On 3/26/06, Adam Churvis [EMAIL PROTECTED] wrote:
It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN
call, that CFLOGIN call *won't* run when the second server sees your
authentication cookie because CFLOGIN only runs when you are *not*
authenticated.
Actually,
I've been wondering why the CF team has not switched over to using
J2EE security. A rewrite of cflogin code that can use JAAS would be
just swell and allow integration with non CF J2EE products without
messing with web.xml files and such, eh?
DK
On 3/27/06, wolf2k5 [EMAIL PROTECTED] wrote:
On
: cflogin and load balancing
On 3/24/06, Adam Churvis [EMAIL PROTECTED] wrote:
If I'm not mistaken, *authorization* (not authentication) can't work across
multiple CF servers -- clustered or not -- because there's no mechanism for
specifying *roles* on any computer other than the one on which
Committee
Get advanced intensive Master-level training in
C# ASP.NET 2.0 for ColdFusion Developers at
ProductivityEnhancement.com
- Original Message -
From: wolf2k5
To: CF-Talk
Sent: Saturday, March 25, 2006 5:02 AM
Subject: Re: cflogin and load balancing
On 3/24/06, Adam
-
From: Adam Churvis
To: CF-Talk
Sent: Sunday, March 26, 2006 1:18 PM
Subject: Re: cflogin and load balancing
And one more thing... SSL really doesn't matter because you're not going to
use it everywhere on your site, only in some places, so everywhere else that
doesn't use SSL
Adam Churvis wrote:
It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN
call, that CFLOGIN call *won't* run when the second server sees your
authentication cookie because CFLOGIN only runs when you are *not*
authenticated.
So what you do is assign one standard role
at
ProductivityEnhancement.com
- Original Message -
From: Jochem van Dieten
To: CF-Talk
Sent: Sunday, March 26, 2006 4:34 PM
Subject: Re: cflogin and load balancing
Adam Churvis wrote:
It doesn't work that way. Since your CFLOGINUSER call is inside a CFLOGIN
call, that CFLOGIN call
On 3/24/06, Adam Churvis [EMAIL PROTECTED] wrote:
If I'm not mistaken, *authorization* (not authentication) can't work across
multiple CF servers -- clustered or not -- because there's no mechanism for
specifying *roles* on any computer other than the one on which CFLOGINUSER
was executed.
On 3/23/06, wolf2k5 [EMAIL PROTECTED] wrote:
But I still wonder why the cflogin cookie includes the full login info
(username/password base64 encoded), what does it need to then?
I stand corrected again!
I did further testing and the cflogin/cfloginuser code will
automatically login the user
On 3/23/06, Adam Churvis [EMAIL PROTECTED] wrote:
ColdFusion Server is broken with respect to the CFLOGIN security framework
working on a clustered system with failover. The reason is that the
authentication cookie contains the authentication information but not any
authorization (roles)
Developers at
ProductivityEnhancement.com
- Original Message -
From: wolf2k5
To: CF-Talk
Sent: Friday, March 24, 2006 4:26 PM
Subject: Re: cflogin and load balancing
On 3/23/06, Adam Churvis [EMAIL PROTECTED] wrote:
ColdFusion Server is broken with respect to the CFLOGIN
On 3/23/06, Jochem van Dieten [EMAIL PROTECTED] wrote:
If you have the username and password, why don't you log him in
yourself?
What do you mean?
Thanks.
~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236118
On 3/22/06, wolf2k5 [EMAIL PROTECTED] wrote:
To reply to my own question: it looks like that the cflogin cookie
includes the username/password info (I think it's base64 encoded),
when jumping from one server to another, the user is already logged
into the second server.
I take this back: I
A hardware load balancer that provides for sticky sessions will work,
if you can afford it.
On 3/23/06, wolf2k5 [EMAIL PROTECTED] wrote:
On 3/22/06, wolf2k5 [EMAIL PROTECTED] wrote:
To reply to my own question: it looks like that the cflogin cookie
includes the username/password info (I
I take this back: I did better testing and the user is NOT
automatically logged into the second server.
Yeah, I didn't get around to testing this, but I would have really been
surprised if this were true.
What would be the better/easiest way of managing a logins on
a load balanced
On 3/23/06, Dave Watts [EMAIL PROTECTED] wrote:
Yeah, I didn't get around to testing this, but I would have really been
surprised if this were true.
But I still wonder why the cflogin cookie includes the full login info
(username/password base64 encoded), what does it need to then?
Build your
PROTECTED]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Thursday, March 23, 2006 12:56 PM
Subject: Re: cflogin and load balancing
On 3/23/06, Dave Watts [EMAIL PROTECTED] wrote:
Yeah, I didn't get around to testing this, but I would have really been
surprised if this were true.
But I still wonder
wolf2k5 wrote:
I take this back: I did better testing and the user is NOT
automatically logged into the second server.
Basically there is a cflogin limitation with simple DNS round robin
load balancing (no clustering) on multiple web servers: the login
session isn't shared between the
On 3/21/06, wolf2k5 [EMAIL PROTECTED] wrote:
That's exactly what I'm wondering: does the cflogin cookie include all
the info (username/password) needed to (automatically)
(re)authenticate the user on a server if he previously authenticated
on another server?
To reply to my own question: it
On 3/22/06, wolf2k5 [EMAIL PROTECTED] wrote:
Now I'm hitting a weird issue with cflogin, someontimes after using my
app for a few time, I'm logged out automatically, I cannot reproduce
the issue in a consistent way, but it happens once in a while.
BTW, I'm on ColdFusion MX 6.1 Updater
Hi all,
I'm working on a simple ColdFusion application.
The user will have to login, before being able to use any feature of
the application.
I was thinking to use the CF security framework (cflogin, etc.) to
manage authentication and authorization for my application.
Most probably the
The user will have to login, before being able to use any
feature of the application.
I was thinking to use the CF security framework (cflogin,
etc.) to manage authentication and authorization for my
application.
Most probably the application will reside on several web
servers and
On 3/21/06, Dave Watts [EMAIL PROTECTED] wrote:
If you use round-robin DNS, it is unlikely that the user will be sent to one
server, then another. When the user attempts to connect initially, the DNS
server will issue one IP address, and that IP address will be cached for
some time by the
29 matches
Mail list logo
