How to dispatch 2 subsequent requests without a cookie to the same JBoss node?

问题

How to dispatch 2 subsequent requests without a cookie from the same client to the same JBoss node?

I have a multi-node setup with Apache, JBoss7 (with load balancing, sticky session and SSO) and Tomcat. Here is the scenario:

User enters https:///myapp on the browser
Load balancer dispatches it to node1, on the myapp.ear file.
Since there is no authentication yet, myapp loads the unprotected client_redirect.jsp resource, which creates a JSESSIONID and returns to the client. The HTTP Response has the header Set-Cookie:JSESSIONID=1234_.node1; Path=/myapp
The "empty" page below* is loaded on the browser; the onload event handler changes the URL to https:///home/?app=myapp and another request is sent. HOWEVER, IT DOES NOT CONTAIN THE JSESSIONID cookie
server receives the 2nd request and, due to round-robin policy, dispatches it to node2, on main.ear file
main loads the unprotected login.jsp resource, which creates another JSESSIONID and returns to the client. The HTTP Response has the SET-COOKIE header as Set-Cookie:JSESSIONID=5678_.node2; Path=/
Login page is loaded, but now we have 2 JSESSIONID COOKIES on the browser, pointing to different nodes, which will lead to SSO issues after login, when we redirect to https://<ip>/myapp again

* "Empty" client_redirect page:

    <html>
        <script type="text/javascript"> 
            window.onload = function() { 
                window.location.replace('../../home/?app=myapp');    
            }
        </script> 
    </html>

回答1:

Here is the solution a friend suggested:

We don't need 2 JSESSIONID cookies, so we shouldn't create them in the 1st place. myapp should setup the web.xml file as follow, so both main and myapp can share the same session.

<session-config>
    <cookie-config>
        <path>/</path>
    </cookie-config>
</session-config>