Re: [cinjug-users] Unsigned applet question

["Ashish Narvekar" <ashish.narvekar@xxxxxxxxx>]

Yup,

the sessions are sticky. So, if the load balancer also balances pure socket calls, it has to be in synchronization with the http load balancing (maybe would happen automatically if it is the same load balancer doing the work for both).

 

Thanks.

 

On 11/19/06, Johnn Tinch <JTinch@xxxxxxxxxxxxxxxxxxxxx> wrote:

Are the sessions set to sticky on the load balancer?
--------------------------
Sent from my BlackBerry Wireless Handheld


-----Original Message-----
From: Ashish Narvekar <ashish.narvekar@xxxxxxxxx>
To: users@xxxxxxxxxx < users@xxxxxxxxxx>
Sent: Sun Nov 19 21:48:59 2006
Subject: [cinjug-users] Unsigned applet question

We have an unsigned applet that creates a socket connection (new java.net.Socket) to the host that it was downloaded from. This works fine in a single server environment. However, if we try this in a clustered environment where there is a load balancer in front of the appservers, this obviously does not work and we get a security exception because the console shows it as being downloaded from the load balancer and is trying to connect to the appserver which is a different host (which violates the default java policy on the client).

The reason we don't want to sign the applet is that most of the users of the app are minimalist users and we have got panic calls in the past when they have been faced with 'expired certificate' or other such messages. And for the same reason, editing the client java policy file is also not an option.

Is there any way to still use an unsigned applet for the scenario described above? Is there any load balancer out there which can load balance not just http invocations but also, pure socket connection invocations. Then, I could try and have the applet code always make a connection to the loadbalancer and the loadbalancer would load balance to the appservers. I am not sure if this is even viable.