I read through the load balancing design doc, and I have a couple of observations. First, I think you need to consider having the load manager component to at least have a master/slave concept (and maybe many slaves). What happens to the HASingleton if that node crashes? There wouldn't be anything communicating load information back to the httpd. Second, I think you need to consider the common topology of when httpd is sitting in a DMZ, and communication is across the inner firewall. I know at my last employer, our security policy would not allow http/s to be over a non-standard port outbound (which the AS side would be going outbound to mod_cluster), and for the inbound side from httpd through the inner firewall to the AS we wouldn't allow http/s, as this would only be allowed to be open on the outer firewall into the httpd servers. Only application specific protocols like AJP were allowed through the inner firewall. We also preferred to have those protocols be encrypted with TLS, so for our configuration we would use stunnel, but that is a band-aid. I think we should consider a TLS option on the AJP, or whatever protocol we use for mod_cluster to talk to the AS side. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4116795#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...