I have done some further testing and have found what I think the problem is, but I still do not know the solution. What is happening is that the first time I access the webapp through httpd, I am getting the first tomcat server. I then type in my username and password and hit submit. I see in the logs of the first tomcat server log the authentication happening successfully, however, I am then redirected to the second tomcat server where my session is not available.
I am using a 'lb' type load balancer, and by default it has sticky sessions, so I wonder why I am being balanced over to the other tomcat. Is this, perhaps, a question for the mod_jk team? Is there such a mailing list? |)ave -----Original Message----- From: David Owens Sent: Monday, April 04, 2005 10:04 AM To: 'tomcat-user@jakarta.apache.org' Subject: Authentication problems with tomcat clustering. I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave