-
1. Re: Clustering with CachedAuthenticatedSessionMechanism
pferraro Jan 2, 2014 4:37 PM (in response to faxe13)1 of 1 people found this helpfulWith BASIC, DIGEST, and CERT authentication mechanisms, the user credentials are always available in the request - so reauthentication on failover happens automatically. With FORM authentication, the username/password are only made available to the request during login. Consequently, auto-reauthentication on failover requires an additional server-side mechanism to store the j_username/j_password values from the login form. In AS7 and earlier, this mechanism was provided by clustered SSO. We don't have such a mechanism for WildFly yet.
I've filed a jira to track this issue:
[WFLY-2704] FORM authentication credentials lost on failover - JBoss Issue Tracker
Until this is fixed, you should be able to workaround this issue by using BASIC or DIGEST authentication.
-
2. Re: Clustering with CachedAuthenticatedSessionMechanism
faxe13 Jan 3, 2014 4:04 AM (in response to pferraro)Thanks for your response Paul. I will take a look into DIGEST authentication because BASIC seems not to be an option for us. As you have created the issue for the final version maybe I will wait for that.
-
3. Re: Clustering with CachedAuthenticatedSessionMechanism
pferraro Jan 3, 2014 9:42 AM (in response to faxe13)BTW, even though users are currently forced to reauthenticate on failover when using FORM authentication, their web session data should still be preserved.
-
4. Re: Clustering with CachedAuthenticatedSessionMechanism
faxe13 Jan 3, 2014 12:54 PM (in response to pferraro)Yes, thats what I noticed. All session data were replicated correctly except the FORM authentication data.
-
5. Re: Clustering with CachedAuthenticatedSessionMechanism
pferraro Jan 8, 2014 12:40 PM (in response to faxe13)1 of 1 people found this helpfulFYI - this pull request should fix the issue:
-
6. Re: Clustering with CachedAuthenticatedSessionMechanism
faxe13 Jan 9, 2014 11:26 AM (in response to pferraro)Excellent, storing the Account again in the clustered web session when using FORM authentication should solve the problem. Is there a way I can test this with a nightly build or do I have to wait until the Final version comes out ?
-
7. Re: Re: Clustering with CachedAuthenticatedSessionMechanism
pferraro Jan 9, 2014 2:00 PM (in response to faxe13)The pull request hasn't been merged yet. Until then you can test it via:
git clone https://github.com/wildfly/wildfly.git cd wildfly git remote add pferraro https://github.com/pferraro/wildfly.git git fetch pferraro git cherry-pick 0c4175c75f407eeb973faa6c6d72a099c172a398 mvn install
Once the pull request is merged, you can skip steps 3-5.
-
8. Re: Re: Clustering with CachedAuthenticatedSessionMechanism
faxe13 Jan 11, 2014 12:29 PM (in response to pferraro)Thanks Paul. The fix works as expected. No additional login required after a failover any more.