-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
7.4.3.GA
-
False
-
False
-
-
-
-
-
-
Known Issue
When the auth-method DIGEST is specified in the login-config section of the web.xml of an application, requests to this application do not get a session cookie in return until there is an authenticated session. In a load balanced environment, this becomes problematic as the response to the DIGEST challenge risks being sent to another node than the one that sent the challenge, which leads to authentication failure. This worked in EAP 6.3.1 after https://bugzilla.redhat.com/show_bug.cgi?id=1126490 so seems we have a similar issue to fix again here when moving to EAP 7/Wildfly.
- clones
-
JBEAP-22980 [GSS](7.4.z) Support HTTP Digest when fronted by load balancer
- New
- incorporates
-
ELY-2279 Digest mechanism needs sticky sessions
- Resolved
-
UNDERTOW-2007 Digest mechanism needs sticky sessions
- Resolved
-
WFLY-15847 Digest mechanism needs sticky sessions
- Resolved
- relates to
-
JBEAP-23045 (7.4.z) Upgrade Undertow from 2.2.13.SP2-redhat-00001 to 2.2.16.Final-redhat-0001
- Closed
- links to