You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Rex Wang <rw...@gmail.com> on 2009/09/16 11:10:55 UTC
what does j_security_check do in clustering?
Dear Tomcat devs,
I meet a problem when config a web project which using the form based
security in clustering.
When I set session affinity = true in my front http server, the security
check was done in single node, there is no problem with that.
But if I set affinity = false, the requests from the security check process
are sent to 2 nodes, and it is really strange.. eg:
1. From index.html(NodeA), try to access protected resouce
2. Go to the logon.html(NodeB), I input the id/passwd, and then submit
3. The request looks like sent to NodeA, but did not do any check operation.
Does that work as design? that is, if I wanna use form check security, my
cluster must be session affinity?
Thanks in advance!
-Rex
Re: what does j_security_check do in clustering?
Posted by Rex Wang <rw...@gmail.com>.
hi Mark, Thanks, I will send a mail there. I thought developers hold more
knowledge on this. So just want a confirm of my question.
-Rex
2009/9/16 Mark Thomas <ma...@apache.org>
> Rex Wang wrote:
> > Dear Tomcat devs,
> >
> > I meet a problem when config a web project which using the form based
> > security in clustering.
> >
> > When I set session affinity = true in my front http server, the security
> > check was done in single node, there is no problem with that.
> > But if I set affinity = false, the requests from the security check
> process
> > are sent to 2 nodes, and it is really strange.. eg:
> >
> > 1. From index.html(NodeA), try to access protected resouce
> > 2. Go to the logon.html(NodeB), I input the id/passwd, and then submit
> > 3. The request looks like sent to NodeA, but did not do any check
> operation.
> >
> > Does that work as design? that is, if I wanna use form check security, my
> > cluster must be session affinity?
>
> That would be a question for the users list.
>
> Mark
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>
Re: what does j_security_check do in clustering?
Posted by Mark Thomas <ma...@apache.org>.
Rex Wang wrote:
> Dear Tomcat devs,
>
> I meet a problem when config a web project which using the form based
> security in clustering.
>
> When I set session affinity = true in my front http server, the security
> check was done in single node, there is no problem with that.
> But if I set affinity = false, the requests from the security check process
> are sent to 2 nodes, and it is really strange.. eg:
>
> 1. From index.html(NodeA), try to access protected resouce
> 2. Go to the logon.html(NodeB), I input the id/passwd, and then submit
> 3. The request looks like sent to NodeA, but did not do any check operation.
>
> Does that work as design? that is, if I wanna use form check security, my
> cluster must be session affinity?
That would be a question for the users list.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org