Description of problem:


Digest authentication works fine with a single node within a JBoss cluster with httpd as loadbalancer.

But when a second node is added to the cluster, the Digest authentication is no longer working, as expected.

Observations:

- The stick-session isn't maintained during the authentication mechanism:

-> On the client response, the request gets bounced on different nodes, 
resulting as failed authentication and looping in such way that the authentication succeed after several time or sometimes just ends with a 401 error.


Version-Release number of selected component (if applicable):

-EAP-6.1.1
-Apache is 2.2.15
-mod_cluster is 1.2.6.final


How reproducible:

2 jboss instances clustered behind a httpd loadbalancer

1DC(hosting servers),1HC, and Apache mod_cluster, testApp( Digest Authentication)



Steps to Reproduce:

0.Configure a loadbalancer on Apache (mod_cluster)
1.Set a Digest Authentication security-domain, deploy the testApp
2.Try to access testApp from the browser to the loabalancer <-- works fine
2.Bring the second node into the cluster, (HC joining the DC)
3.Kill the brwoser
5.Try to access the same App

Actual results:
-Authentication fails several times before it succeed.
-Sometimes, ends up with 401 error after several tries

Expected results:

The sticky-session should be maintained during the Digest-Ath process, so that mod_cluster can route the couple of requests to the same node.


Additional info:

I'm not sure if this should be corrected in mod_cluster code or Digest-Auth code.


Thanks.
Patrick