Mike Healy

Thanks. I'll have a look at the areas within the code that you suggest.

Javier, I appreciate your desire to solve this with a JEE container configuration, but I see two shortcomings in the suggested modification to the web.xml file. 1) Configuring the JEE container to require HTTPS doesn't solve the problem because, in my scenario, the load balancer will only send requests over HTTP to port 80. The container is essentially demanding SSL and the load balancer is never going to comply. This configuration creates a logical mismatch. 2) If this were to actually work, it...

Federico, Thanks for the response. See my reply to Javier. It is very lengthy and answers the questions you have about what it is that I'm trying to achieve. Regards, Mike

Javier, I did try to modify the web.xml to redirect to https, but it didn’t work. The problem is that, in my architecture, there is no SSL capability between the load balancer and the OpenXava application. I’ve attached a picture of my architecture to better illustrate the strategy I’m using. I think that my finding presents an opportunity to enhance OpenXava. Please allow me to explain why I believe this. OpenXava is more that just a regular Java web application. It is a multi-tier AJAX application...

Federico, The AWS load balancers support session affinity. The load balancer will route all of the traffic for a particular session to the same application server. See the section here that describes "Sticky Sessions": https://aws.amazon.com/elasticloadbalancing/classicloadbalancer/ The balancing occurs at the session level, rather than the level of the individual request. Regards, Mike

I'm running an OpenXava application inside Amazon's AWS platform (with a purchased...

I'm running an OpenXava application inside Amazon's AWS platform (with a purchased...