hi all, we are having a problem with our Tomcat 5.5.9 cluster. We run 2 Tomcat instances on physically different machines. For security we use normal container managed security, configured in the web.xml. Session replication works fine, and session id's are same across the two instances. We only have trouble with the authentication. For instance, if you are logged in on instance1, if load balancer redirects subsequent request to instance2, you have to login again. Turning on Single Signon did not help. Does anybody know if we should be able to get this working, and how? Browsing through the Tomcat source code I noticed that very explicit the security Principal is not saved in a serialized session. Could this be the reason why login information is not propagated to other instances? Has anybody an idea why this is not done? Configuration: - OS: RH 4 - App server: Tomcat 5.5.9 - Session replication: in-memory, pooled - Load balancing via hardware load balancer (Cisco) tia, Dirk
- Lost Boys creates and delivers internet & mobile solutions - Dirk de Kok | Java Specialist Lost Boys B.V. | Joop Geesinkweg 209 | 1096 AV Amsterdam The Netherlands | Tel: +31 20 4604500 | Fax: +31 20 4604501 | [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> | www.lostboys.nl <http://www.lostboys.nl/>