Thanks for the response Brian. I know you're under time pressures. What you say makes sense. What it feels like JBoss is doing in SSO is that upon authentication with one app the principal gets propagated to the other webapp's context and the credentials are cached. Or there is some security context pointer back to the original login app (for single log-out). On fail over the cached credentials are used, but that initial push propagation doesn't happen.
At least that's what it feels like as a user. Cached credentials would explain why main functions correctly. I get the feeling that the SSO credentials aren't passed to the other webapps in SSO and that something else happens behind the scenes that allows the other apps to authenticate their principal. Not caching the credentials in all the apps and not pushing out the SSO principal again on failover would explain what I'm seeing. I respect that this is free support. Pretty good free support at that. My organization is currently investigating the viability of JBoss. Once we're confident that JBoss will fit the bill we'll have no problem paying JBoss for support. Until then I know it's a bit of a catch-22. I'm willing to dedicate as much time as I need to to get you what you need. Let me know if there is anything. -Jim View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893285#3893285 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893285 ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
