I intermittently receive the following error while attempting a JAAS form login to an application on my cluster:

HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser.

I have a Cisco CSS load balancer that fronts two JBoss AS 4.2.2 nodes. This is not a proper cluster in JBoss terms. The two nodes have no knowledge of one another. The load balancer simply chooses a server (based on IP, not a session cookie) and maintains session affinity.

Here's what I can tell based on my experiences: I access my site at www.foo.com and the css directs me to node 1. I log in and get a JSESSIONID cookie for www.foo.com. I wait some time and, presumably, my session expires. When I attempt to log in again, perhaps I get directed to node2. I am prompted to log in, and after successfully authenticating I receive the 408. Clearing the cookies for the domain and attempting login again seems to solve it. Clearly that's not acceptable to the users.

As a short-term solution, I've disable a node, and there have been no accounts of this error. I have an identically configured test environment where I can attempt to correct this.

Can anyone comment on the situation or the architecture? Any insight is appreciated.