-
1. Re: http session failover in as7.1.2
bwallis42 Apr 27, 2012 7:55 AM (in response to bwallis42)A bit more reading/searching finds this post, https://community.jboss.org/thread/155273, that suggests that security credentails are not replicated with the session and that I need to configure SSO to get this to work. It suggests that I need to setup the ClusteredSingleSignOn valve in the jboss-web.xml file in the deployment. This is further described in the wiki at https://community.jboss.org/wiki/JBossWebSingleSignOn but this is quite out of date.
Is there anything written about how this works and should be configured? I can't find anything about what can be configured in jboss-web.xml.
-
2. Re: http session failover in as7.1.2
bwallis42 Apr 27, 2012 7:06 PM (in response to bwallis42)1 of 1 people found this helpfulI found someone else with the same problem posted a couple of days ago, https://community.jboss.org/thread/198857. They seem to have a bit more info on how it should be configured but it still isn't working for them either.
-
3. Re: http session failover in as7.1.2
bwallis42 May 3, 2012 8:44 AM (in response to bwallis42)I'm still unable to get this to work correctly.
Session state is failing over OK but authentication state is not. Can anyone help or point to some current documentation about how to configure this?
Details of my configuration are as follows.
I have the following in my domain.xml for the web subsystem
{code}
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
<sso cache-container="web" cache-name="sso" reauthenticate="false"/>
</virtual-server>
</subsystem>
{code}
and the web.xml for the application has the <distributable/> element. My application is using form based authentication. web.xml is
{code}
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>AuthenticationEx</display-name>
<distributable/>
<session-config>
<session-timeout>2</session-timeout>
</session-config>
<security-constraint>
<display-name>Authentication Login</display-name>
<web-resource-collection>
<web-resource-name>SecuredArea</web-resource-name>
<url-pattern>/index.jsf</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>other</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>other</realm-name>
<form-login-config>
<form-login-page>/login.jsf</form-login-page>
<form-error-page>/bad-login.jsf</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>other</role-name>
</security-role>
</web-app>
{code}
and jboss-web.xml is
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain flushOnSessionInvalidation="true">other</security-domain>
<replication-config>
<replication-trigger>SET_AND_NON_PRIMITIVE_GET</replication-trigger>
<replication-granularity>SESSION</replication-granularity>
</replication-config>
</jboss-web>
{code}
and modcluster has been configured as well, the following is the subsystem configuration:
{code}
<subsystem xmlns="urn:jboss:domain:modcluster:1.1">
<mod-cluster-config advertise-socket="modcluster" connector="ajp">
<dynamic-load-provider>
<load-metric type="busyness"/>
</dynamic-load-provider>
</mod-cluster-config>
</subsystem>
{code}
finally, the httpd configuration is as follows
{code}
<VirtualHost 172.16.95.131:10001>
LogLevel debug
<Directory />
Order deny,allow
Deny from all
Allow from all
</Directory>
# This directive allows you to view mod_cluster status at URL http://10.211.55.4:10001/mod_cluster-manager
<Location /mod_cluster-manager>
SetHandler mod_cluster-manager
Order deny,allow
Deny from all
Allow from 172.16.95.
</Location>
KeepAliveTimeout 60
MaxKeepAliveRequests 0
ManagerBalancerName other-server-group
AdvertiseFrequency 5
AdvertiseSecurityKey secret
EnableMCPMReceive
</VirtualHost>
{code}
-
4. Re: http session failover in as7.1.2
trou Dec 30, 2013 2:26 AM (in response to bwallis42)Brian, did you manage to get it working on this version?
Could you share your configuration?
-
5. Re: http session failover in as7.1.2
bwallis42 Jan 1, 2014 8:29 PM (in response to trou)No, sorry. My current project work is with an old JBoss version (6.1) and we haven't had to progress the session sharing. When we do it will be with the EAP 6.2.0 version
I'd suggest that trying it with the EAP 6.2.0 version or Wildfly which is now in candidate release state (8.0.0.CR1) if you have that option.