If you are running a cluster with Sling on Oak/Mongo then sticky sessions would be required due to eventual consistent nature of repository. Changes done on one cluster node would not be immediately visible on other cluster node. Hence to provide a consistent user experience sticky sessions would be required Chetan Mehrotra
On Thu, Jan 12, 2017 at 7:34 AM, lancedolan <lance.do...@gmail.com> wrote: > The only example code I can find to authenticate to Sling will use the JEE > servlet container's "j_security_check" which then stores the authenticated > session in App Server memory. A load-balancer without sticky-sessions > enabled will cause an unstable experience for users, in which they are > suddenly unauthenticated. > > -Does Sling already offer a mechanism for authenticating without storing > that JCR session in Servlet Container Session? > -Do any of you avoid sticky sessions without writing custom code? > > I'm thinking that this problem *must* be solved already. Either there's an > authenticationhandler in Sling that I haven't found yet, or there's an > open-source example that somebody could share with me :) > > If I must write this myself, is this the best place to start? > https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-authenticationhandler.html > https://sling.apache.org/apidocs/sling8/org/apache/sling/auth/core/spi/AuthenticationHandler.html > > ... as usual, thanks guys. I realize I'm really dominating the mail list > lately. I've got a lot to solve :) > > > > > -- > View this message in context: > http://apache-sling.73963.n3.nabble.com/Not-sticky-sessions-with-Sling-tp4069530.html > Sent from the Sling - Users mailing list archive at Nabble.com.
