Jim, Sorry for the slow response. If this is important for your organization and you need someone from JBoss to help get answers on this quickly, you should contact our support group. Please understand the forums are a form of free support and don't necessarily get the attention we would like to give them due to time constraints with dealing with support calls in addition to performing our actual development duties. :-)
That being said, there is a fundamental difference between SSO on a single node and over a cluster. On a single node, if the "requireReauthentication" attribute has been set to false (the default), once a user has been authenticated their Principal object is cached and for future requests is directly bound to the request object without making an authentication call to the JBossSecurityManagerRealm. However, the Principal is not replicated over the network, (because, among other reasons, Principal does not implement Serializable). So, the first time a user switches to another node, the Principal object is not cached and the ClusteredSSO valve has to authenticate the user using the login credentials (username, password) that have been cached. This should happen transparently to the user, as the required credentials are replicated. In your described use case, only the main war has authentication enabled; if the first request to a new node is for one of the other wars, the ClusteredSSO valve will not be able to authenticate the user, and the request will fall through to your loginredirect.jsp. I haven't had a chance yet to play with your wars, but I'm quite certain the problem you're seeing is related to the above. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893254#3893254 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893254 ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
