I'm having problems with the single sign on and JBoss 5.1.2. I have 2 applications: one is responsible for the authentication and authorisation and the second is a normal webapplication. When I access the web application it leads me to the login page. After the sucessfull login I keep getting a redirect loop to the login page. It only stops, when I delete the JSESSIONIDSSO cooky. I use the: org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn for the Single Sign-on.