I am using Jetty 8 and currently have two instances set up and running behind a round robin load balancer. I have configured it use session replication via MongoDB. My application uses spring security. It is working great with two exceptions. I will include one here, and the other in another question.
Does anyone have any suggestions? I'm about to start digging into the implementation of spring security's remember me code and jetty-nosql, but would love it if someone could save me some time.
Additionally, I have tried both the cookie hash-based "remember me" token as well as the db persisted "remember me" token approach, and both have the same issue.
The solution is to use the db persisted "remember me" token approach. In our situation, we used org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices.
It turns out that our first attempt at using the db persisted token approach was simply implemented in error. When we did it correctly, it worked fine and solved our remember me problem.