Thank you for your answers. As a workarround (forgetting about clustering), can I use 2 tomcat instances with different WARs but both using sso?
For instance: Machine 1 - tomcat #1 - a.war Machine 2 - tomcat #2 - b.war both with sso, so when I log-in in application a I am also logged in application b Regards, Alejandro ----- Original Message ----- From: "Peter Rossbach" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Thursday, May 03, 2007 3:16 PM Subject: Re: problem with tomcat clusters sso with apache load balancer > Hi, > > the clusterSSO implementation is not ready: > > - at normal shutdown from one application or a node all sessions are > expired. > clusterSSO is a normal session listener and context stop expires > all sessions. > - The sessionID rewrite from JvmRouteBinderValve are not coordinated > with clusterSSO sessionID cache. > - I have made some improvements at the tomcat 5.5 backport :-( > > Peter > > > Am 03.05.2007 um 19:24 schrieb Filip Hanik - Dev Lists: > > > I don't think the clusterSSO implementation ever really got > > finished. It got submitted, but never completed. > > At least that was my impression of it > > > > Filip > > > > Alejandro Fernandez wrote: > >> Hi, I am Alejandro from Argentina. > >> > >> I am having an issue with tomcat 6.0.10 using clusters and single > >> sign on, while performing load balance with apache 2.2 > >> > >> When I am accessing a secured page, I try to login (the login form > >> is shown correctly) but I receive the following: > >> > >> HTTP Status 400 - Invalid direct reference to form login page > >> > >> Note: The load balancer makes me switch between 2 tomcat servers. > >> One switch by page request. > >> > >> Please tell me if the info is not enough. > >> > >> Thank you in advance. > >> > >> --------------------------------------------------------------------- > >> ----- > >> httpd.conf > >> --------------------------------------------------------------------- > >> ----- > >> > >> .... > >> > >> <Location /balancer-manager> > >> SetHandler balancer-manager > >> </Location> > >> > >> <Proxy balancer://cluster> > >> BalancerMember ajp://sismcarrizo:8009 > >> BalancerMember ajp://servisitadores4:8009 > >> </Proxy> > >> > >> <Proxy balancer://clusterb> > >> BalancerMember ajp://servisitadores4:8009 > >> </Proxy> > >> > >> <Location /portal-a> > >> ProxyPass balancer://cluster/portal-a stickysession=JSESSIONID > >> </Location> > >> > >> <Location /portal-b> > >> ProxyPass balancer://clusterb/portal-b stickysession=JSESSIONID > >> </Location> > >> > >> <Location /portal-c> > >> ProxyPass balancer://cluster/portal-c stickysession=JSESSIONID > >> </Location> > >> > >> <Location /accesos-sso> > >> ProxyPass balancer://cluster/accesos-sso stickysession=JSESSIONID > >> </Location> > >> > >> .... > >> > >> --------------------------------------------------------------------- > >> ----- > >> server.xml > >> --------------------------------------------------------------------- > >> ----- > >> .... > >> > >> <Engine name="Catalina" defaultHost="localhost"> > >> > >> <Cluster > >> className="org.apache.catalina.ha.tcp.SimpleTcpCluster" > >> channelSendOptions="8"> > >> <Manager > >> className="org.apache.catalina.ha.session.DeltaManager" > >> expireSessionsOnShutdown="false" > >> notifyListenersOnReplication="true"/> > >> > >> <Channel > >> className="org.apache.catalina.tribes.group.GroupChannel"> > >> <Membership > >> className="org.apache.catalina.tribes.membership.McastService" > >> address="228.0.0.4" > >> port="45564" > >> frequency="500" > >> dropTime="3000"/> > >> <Receiver > >> className="org.apache.catalina.tribes.transport.nio.NioReceiver" > >> address="auto" > >> port="4000" > >> autoBind="100" > >> selectorTimeout="5000" > >> maxThreads="6"/> > >> > >> <Sender > >> className="org.apache.catalina.tribes.transport.ReplicationTransmitte > >> r"> > >> <Transport > >> className="org.apache.catalina.tribes.transport.nio.PooledParallelSen > >> der"/> > >> </Sender> > >> <Interceptor > >> className="org.apache.catalina.tribes.group.interceptors.TcpFailureDe > >> tector"/> > >> <Interceptor > >> className="org.apache.catalina.tribes.group.interceptors.MessageDispa > >> tch15Interceptor"/> > >> </Channel> > >> > >> <Valve > >> className="org.apache.catalina.ha.tcp.ReplicationValve" > >> filter=""/> > >> <Valve > >> className="org.apache.catalina.ha.session.JvmRouteBinderValve"/> > >> > >> <Deployer > >> className="org.apache.catalina.ha.deploy.FarmWarDeployer" > >> tempDir="/tmp/war-temp/" > >> deployDir="/tmp/war-deploy/" > >> watchDir="/tmp/war-listen/" > >> watchEnabled="false"/> > >> > >> <ClusterListener > >> className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderList > >> ener"/> > >> <ClusterListener > >> className="org.apache.catalina.ha.session.ClusterSessionListener"/> > >> </Cluster> > >> > >> <Valve > >> className="org.apache.catalina.authenticator.SingleSignOn" > >> debug="0"/> > >> <Realm className="org.apache.catalina.realm.JDBCRealm" > >> > >> driverName="com.microsoft.jdbc.sqlserver.SQLServerDriver" > >> connectionURL="jdbc:microsoft:sqlserver:// > >> desa-0:1433;databasename=accesos;selectmethod=cursor" > >> connectionName="accesosusr" > >> connectionPassword="j1ra808fa" > >> userTable="users" > >> userNameCol="username" > >> userCredCol="password" > >> userRoleTable="user_role" > >> roleNameCol="role" > >> debug="99" > >> /> > >> > >> <Host name="localhost" appBase="webapps" unpackWARs="true" > >> autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> > >> </Host> > >> </Engine> > >> .... > >> > >> --------------------------------------------------------------------- > >> ----- > >> web.xml > >> --------------------------------------------------------------------- > >> ----- > >> .... > >> > >> <!-- Define a Security Constraint on this Application --> > >> <security-constraint> > >> <web-resource-collection> > >> <web-resource-name>portal-a</web-resource-name> > >> <url-pattern>/mercados.jsp</url-pattern> > >> <url-pattern>/mercados.page</url-pattern> > >> <url-pattern>/mercados.jsf</url-pattern> > >> </web-resource-collection> > >> <auth-constraint> > >> <!-- NOTE: This role is not present in the default users > >> file --> > >> <role-name>accesos</role-name> > >> </auth-constraint> > >> </security-constraint> > >> > >> <!-- Define the Login Configuration for this Application --> > >> <login-config> > >> <auth-method>FORM</auth-method> > >> <realm-name>Portal A Application</realm-name> > >> <form-login-config> > >> <form-login-page>/login.jsp</form-login-page> > >> <form-error-page>/error.jsp</form-error-page> > >> </form-login-config> > >> </login-config> > >> > >> <!-- Security roles referenced by this web application --> > >> <security-role> > >> <description> > >> The role that is required to log in to the Manager Application > >> </description> > >> <role-name>accesos</role-name> > >> </security-role> > >> > >> <distributable/> > >> .... > >> > >> --------------------------------------------------------------------- > >> --- > >> > >> No virus found in this incoming message. > >> Checked by AVG Free Edition. Version: 7.5.467 / Virus Database: > >> 269.6.2/784 - Release Date: 5/1/2007 2:57 PM > >> > > > > > > --------------------------------------------------------------------- > > To start a new topic, e-mail: users@tomcat.apache.org > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
