Well, my project doesn't currently have enough load to require more than one server node, so I haven't thought much about that yet. If your cluster can be configured to use sticky sessions, it would probably work fine without any further changes. Otherwise your app server would need to be configured to perform session replication to avoid the login prompt when you get routed to a different server node.
Does that make sense? On Thu, Sep 17, 2009 at 7:45 AM, Vidar Ramdal <[email protected]> wrote: > On Thu, Sep 17, 2009 at 4:00 PM, Eric Norman <[email protected]> > wrote: > > For my own project, I ended up writing my own FormAuthenticationHandler > > which caches the submitted credentials (crypted) on the server-side as a > > session attribute. The cached credentials are used when no basic auth > info > > is available on the current request. It is actually not that hard to > > implement, there were a couple servlets (LoginServlet, LogoutServlet) and > an > > AuthenticationHandler class plus an esp script to render the login page. > > > > I could provide a patch if you are interested. > > Does your approach handle clustered scenarios? > > -- > Vidar S. Ramdal <[email protected]> - http://www.idium.no > Sommerrogata 13-15, N-0255 Oslo, Norway > + 47 22 00 84 00 / +47 21 531941, ext 2070 >
