j_security_check is stored as a note with the user session, but that
data is not being replicated.
Filip
On 09/17/2009 12:05 AM, Rex Wang wrote:
Dear Tomcat,
I meet a problem when config a web project which using the form based
security in clustering.
When I set session affinity = true in my front http server, the security
check was done in single node, there is no problem with that.
But if I set affinity = false, the requests from the security check process
are sent to 2 nodes, and it is really strange.. eg:
1. From index.html(NodeA), try to access protected resouce
2. Go to the logon.html(NodeB), I input the id/passwd, and then submit
3. The request looks like sent to NodeA, but did not do any check operation.
Does that work as design? that is, if I wanna use form check security, my
cluster must be session affinity?
Thanks in advance!
-Rex
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
