How to dispatch 2 subsequent requests without a cookie from the same client to the same JBoss
node?
I have a multi-node setup with Apache
, JBoss7
(with load balancing
, sticky session
and SSO
) and Tomcat
. Here is the scenario:
client_redirect.jsp
resource, which creates a JSESSIONID
and returns to the client. The HTTP Response has the header Set-Cookie:JSESSIONID=1234_.node1; Path=/myapp
onload
event handler changes the URL to https:///home/?app=myapp and another request is sent. HOWEVER, IT DOES NOT CONTAIN THE JSESSIONID cookielogin.jsp
resource, which creates another JSESSIONID
and returns to the client. The HTTP Response has the SET-COOKIE header as Set-Cookie:JSESSIONID=5678_.node2; Path=/
SSO
issues after login, when we redirect to https://<ip>/myapp
again* "Empty" client_redirect page:
<html>
<script type="text/javascript">
window.onload = function() {
window.location.replace('../../home/?app=myapp');
}
</script>
</html>
Here is the solution a friend suggested:
We don't need 2 JSESSIONID
cookies, so we shouldn't create them in the 1st place. myapp should setup the web.xml
file as follow, so both main and myapp can share the same session.
<session-config>
<cookie-config>
<path>/</path>
</cookie-config>
</session-config>
Related links: