Just a follow-up to let others know how this worked out.
The fix turned out to be pure load balancer configuration. Cisco Support
instructed us to use the CSS load balancer's "urlrewrite" feature to ensure
that the HTTP 302's after Tomcat-managed authentication come back targeting the
correct
Thanks for the suggestions, Hari. I've provided some Ethereal packet capture
files to Cisco, and they're evaluating the behavior from their side. I'll post
anything useful that comes out of their investigation.
Thanks again!
Brian Burt
Enterprise Application Engineer
Gordon Food Service
e-ma
A couple of suggestions:
- force all traffic on load balancer to/from extrenal world to SSL.
- after form authentication on Tomcat, redirect users to the URL used
by the load balancer - i.e. not XXX:8080/authenticate but
www.YYY.com/authenticate
- or both
Hope this helps.
regards,
Hari Mailv