I'm using JBoss 3.2.1 and Tomcat 4.1.24 with the
DatabaseServerLoginModule to authenticate users.
In addition, I am using a hardware load balancer with
cookie-based session persistence. My code sets the
cookie with a default value, which the Alteon LB then
rewrites with session information it will use later.
The Alteon requires that the cookie be present on
the first response in the session, which in this case
is the 302/redirect to my login FORM.
My problem is that the 302/redirect to the login.jsp
does not contain the cookie. I do not see a way to
add the cookie to the container's redirect to the login
page. The net result is that the first reply contains
no cookie, the LB gets confused, and there is no
Your help appreciated in figuring out how/where
to write the cookie.
Doesn't look like you can use container managed security then.
I would recommend http://securityfilter.org (with my JBossRealmAdapter)
Hope that helps,