-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Simon,
Simon Papillon wrote: | Forgive me if I'm overlooking something, but as far as I understand | it, the sticky session mechanism is driven off the JSESSIONID that is | assigned by the tomcat container when a client first makes a request | that instigates a session creation, if no JSESSIONID cookie was sent | as part of the request the node is chosen according to the | worker.loadbalancer.method (Request, Session, Traffic, Busyness i | think Request is the default). I'm a little unclear on the details within mod_jk, but yes, that's the idea. | Once a JSESSIONID has been set by a | container the load balancer will then attach the JVMRoute onto the | end which will then be used by the jk load balancer in future requests | to determine the node to use to service the request. e.g. if I have | three nodes (tomcatA, tomcatB, tomcatC) I could have the following | scenario... | | child.first-domain.com : JSESSIONID = D75AA77AC6FBF43F2C2DDC195DDA6D44.tomcatC | doctor.second-domain.com : JSESSIONID = 5D211C177DFB064DEF731832CF07D693.tomcatA | nurse.third-domain.co.uk : JSESSIONID = E1EC672CAAA3F2F8348C2A23991DF46B.tomcatB Hmm... I'm beginning to see the problem. That wasn't entirely clear from your original post. Since you want to use SSO, I'm assuming that you are running all three (or more) applications in the same instance of Tomcat, even though there are multiple instances of Tomcat at work (on separate servers, presumably). The first request to each of these domain names does not include a cookie because the domains do not match. Each initial request to the distinct domains causes a fresh random choice amongst the servers, so you are not likely to get lucky and have all your initial requests randomly end up at the same server, and therefore SSO fails. :( | Let me know if I'm misunderstanding some fundermental way in which the | jk load balancer works, or if I'm not explaing myself well, No, you were right... I just wasn't understanding your initial question. So, really, it's not that you want to "load balance" based upon IP address... you really want to predictably choose a member of the server farm based upon some knowledge of the client such that, regardless of the domain name used, the initial request (and therefore all the rest) go to a particular member. You may be able to do this, but you'll certainly have to hack mod_jk in order to do it. I believe there is a method in mod_jk that chooses the jvmRoute for the first (JSESSIONID-less) request. If you were to modify that algorithm, you could achieve your goal, here. I'm a little worried that you might implement a fragile algorithm, though, and end up with an unbalanced load balancer. Do you have options other than using SSO? Come to think of it... how does SSO work when you switch domains with even a single server -- that is, without load balancing in the mix? I would expect that, since you are switching domains, your browser would not send a JSESSIONID cookie to the server, and thus you would not be recognized as having an existing session. ??! - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkhRqswACgkQ9CaO5/Lv0PDukQCeMKv8qpvuvKsag1AMLWqsaNSV GA4An19MrUrE/FPRTGMpWvNSLgF5Zs3K =n6yV -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]