I'm having problems with the single sign on and JBoss 5.1.2. I have 2 applications: one is responsible for the authentication and authorisation and the second is a normal webapplication. When I access the web application it leads me to the login page. After the sucessfull login I keep getting a redirect loop to the login page. It only stops, when I delete the JSESSIONIDSSO cooky. I use the: org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn for the Single Sign-on.
Any hint is very much appreciated.
This issue doesnt seem to be completely related to clustering (or SSO clustering to be specific), I would recommend a different space (not sure which) for security and SSO experts.