I've got a cluster of two machines, A and B. Using mod_jk to do load balancing, with sticky sessions, and I have the tag in a webapp's web.xml deployed on both machines. If a user hits the site with their browser and is "stuck" on machine A, and I fail machine A, it gracefully transitions to B, with session attributes replicated and everything. All good so far. But if the user had hit the administrative part of the site, and logged in (web.xml security using FORM), and I fail machine A while they're moving about in the secure part, then when they get transferred to B they have to log in again, even though session variables are replicated. Which wouldn't be such a problem, except that hitting the form login.jsp destroys any POST data. So a full page of data entry gets lost.
Is failover of login credentials supposed to work, or is this the expected behavior? I'm using 3.2.3, with tomcat 4 (haven't upgraded to 5, because we have to retrofit the way we precompile jsps to work with tomcat 5's new way of doing that). Is there some extra configuration I need to do to make this work? I see a "SingleSignOnContextConfig" for my url root of type FORM in the deployment messages.. anything else I need to do?