You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Peter Smith <ps...@infonow.com> on 2003/08/13 17:11:41 UTC

Load balancing an authenticated session

Hi all,

I need some advice on how to load balance an authenticated session.  We use
a realm to authenticate a user.  Once authenticated and a specified time
elapses, the session is written to a JDBCStore.  The problem is the
authentication information does not get written.  Since it is not there, the
other machine in the balancing scheme reads the session and sees the person
is not logged in and will present them with the login screen.  I have found
a couple of messages saying that saving the authentication information is a
security risk.  Any advice on how to solve this?

Thanks, Peter
-- 
Peter Smith
Software Engineer
InfoNow Corporation


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org