Recently, my web application has started having issues with the login process.
I use Tomcat form authentication against a mysql database. That has been working fine for years. But recently, there has been an increase in odd behaviours, particularly getting stuck at the j_security_check page, which returns sometimes with a 404, sometimes with a 408, and sometimes a straight-up 200, but doesn't complete the redirect. When this happens, the only way to get to the app is to reload the full application URL a few times, having to relogin again, and eventually you get there. I find this a little difficult to debug, as what is in the logs seems to indicate that the login happened fine, and so far I have found it difficult to reproduce. Any thoughts or suggestions where to look or what to look for? I tail catalina.out and the access log, and I have realm and authenticator logging turned on to ALL, but haven't yet found anything that gives me a clue. (It's quite possible I've missed something in the logging output.) Next I'll see if I can capture something from the network logs. The application runs behind a load balancer box that does the SSL and forwarding to internal services. thanks for your help. - Linus
