3 Replies Latest reply on Jun 14, 2007 7:19 AM by gaopeng_victor

    HELP: SSO not work for my Cluster (without domain name)

    gaopeng_victor
    gaopeng_victor Jun 13, 2007 2:21 AM

      I've config a JBoss Portal (V2.6 RC2) Cluster on JBossApp 4.0.5, and it start up sucessfully. But the SSO don't work, the following is my test step:

      1. Following the jboss documentation to establish a two nodes cluster (two machines with ip: 10.1.16.140/10.1.16.64, each for one node).

      2. Login the portal from http://10.1.16.140/portal/ . Login as admin/admin.

      3. Access http://10.1.16.64/portal/, but find it want me login again. why the SSO not login for me on this node?

      I add the attribute: <Valve className="org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" cookieDomain="10.1.16"/> in tomcat server.xml, but it don't work.

      Is my test way wrong?

      It is impossible to apply a domain name like abc.ddd.com for my test. So how to test the cluster SSO in this LAN environment?

      • 1145 Views
      • Tags:
        • 1. Re: HELP: SSO not work for my Cluster (without domain name)
          mputz
          mputz Jun 13, 2007 3:42 AM (in response to gaopeng_victor)

          You don't need the cookieDomain, as long as you don't have different host names. Have you seen this wiki on SSO?
          http://wiki.jboss.org/wiki/Wiki.jsp?page=SingleSignOn

            • Actions
          • 2. Re: HELP: SSO not work for my Cluster (without domain name)
            gaopeng_victor
            gaopeng_victor Jun 13, 2007 6:21 AM (in response to gaopeng_victor)

             

            "mputz" wrote:
            You don't need the cookieDomain, as long as you don't have different host names. Have you seen this wiki on SSO?
            http://wiki.jboss.org/wiki/Wiki.jsp?page=SingleSignOn


            Yes, I've seen that wiki. And I've followed that wiki to establish my cluster, except that I used two PCs instead of one. I've configed the org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn, enabled the IE cookie. Everything is ok on startup, but when I login on 10.1.16.64, and then visit http://10.1.16.140/portal, it shows that I'm not login.

            So I try the cookieDomain attribute, but it also don't work.

            Is there anything wrong?

              • Actions
            • 3. Re: HELP: SSO not work for my Cluster (without domain name)
              gaopeng_victor
              gaopeng_victor Jun 14, 2007 7:19 AM (in response to gaopeng_victor)

               

              "gaopeng_victor" wrote:
              "mputz" wrote:
              You don't need the cookieDomain, as long as you don't have different host names. Have you seen this wiki on SSO?
              http://wiki.jboss.org/wiki/Wiki.jsp?page=SingleSignOn


              Yes, I've seen that wiki. And I've followed that wiki to establish my cluster, except that I used two PCs instead of one. I've configed the org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn, enabled the IE cookie. Everything is ok on startup, but when I login on 10.1.16.64, and then visit http://10.1.16.140/portal, it shows that I'm not login.

              So I try the cookieDomain attribute, but it also don't work.

              Is there anything wrong?


              I test the cluster with another simple web application, and find the http session can be replicated sucessfully on one way. That is: I login on node A(host 1) , from jmx-console, I can see that the session is copied to node B(host 2) successfully, so I can access B without loginning again by that session; but the reverse test is fail : when I login on node B with a new session, the replication to A is fail. why?

              As to the jboss-portal-ha 2.6, jmx-console show that session replication is also successful from A to B, failed from B to A. But even A to B replication is ok, when I access B's portal by the replicated sessionid, it want me to authenticate again. Is there any thing I need to do with the jboss-portal-ha?

                • Actions