5.9.3 Handling authentication information when inheriting session information
With Application Server, Form authentication, Basic authentication, and the authenticate/login/logout method of the HttpServletRequest are used as login authentication functionality. If you use this login authentication functionality in an application that uses the session failover functionality, the operations are as follows:
- If you use Form authentication
-
If a failure occurs on the J2EE server and the session is to be inherited, you must once again perform authentication with Form authentication even if the session is successfully inherited.
- If you use Basic authentication
-
You can continuously access without once again performing Basic authentication regardless of whether the session is to be inherited due to a failure on the J2EE server.
- If you use the authenticate/login/logout method of the HttpServletRequest
-
If a failure occurs on the J2EE server and the session is to be inherited, you must once again perform authentication with the method even if the session is successfully inherited.
For details on Basic authentication and Form authentication, see 6.2 Web container-based authentication using DD settings in the uCosminexus Application Server Security Management Guide.