Original Message
Subject: Re: Client IP changes on SSL- tricks load balancer
From: Maureen Barger
> Your loadbalancer hosts your service name, www.bradsapp.com and it
> routes traffic to www1.bradsapp.com www2.bradsapp.com and
> www3.bradsapp.com.
Pretty much yes,
Can we back up a little, just for fun? :)
Can you talk a little bit about how your app is set up? Here is my
take on your description:
Your loadbalancer hosts your service name, www.bradsapp.com and it
routes traffic to www1.bradsapp.com www2.bradsapp.com and
www3.bradsapp.com. The LB is configure
ld be receiving.
~Brad
Original Message
Subject: Re: Client IP changes on SSL- tricks load balancer
From: Jason Fisher
Date: Wed, February 25, 2009 3:40 pm
To: cf-talk
@Brad,
I totally understand that issue of having large / complex session blocks
and facing the potential of deep re
@Brad,
I totally understand that issue of having large / complex session blocks and
facing the potential of deep re-work. One thought in that vein, especially
thinking forward to the potential performance shocks of running large sessions
in memory: you may want to consider pushing more to the
--
Subject: Re: Client IP changes on SSL- tricks load balancer
From: Jason Fisher
Date: Wed, February 25, 2009 2:09 pm
To: cf-talk
In a hardware load-balanced environment, I have always used Client vars
rather than Session. (Just make sure you store them in the DB, not in
the Registry.) Basi
You are correct that session data cannot be replicated between
stand-alone installs of ColdFusion. You are also correct in your
assessment of why my user's sessions seem to disappear when they switch
servers. Unfortunately, I know what is happening. What I don't know is
how to prevent it.
~Bra
Thanks for the info Dave. I didn't know the bit about load balancers
hosting the certs. I'll have to ask our hosting company about the
specific set up of our balancer.
>From my research, it seems that load balancers can use one (or more?) of
the following methods to to determine which server
O
On Wed, Feb 25, 2009 at 2:09 PM, Jason Fisher wrote:
>
> In a hardware load-balanced environment, I have always used Client vars
> rather than Session. (Just make sure you store them in the DB, not in the
> Registry.) Basically, the Client vars are a contract between the browser
> and the a
Chris, that is my assumption of what is happening. Either that or their
network has two gateways-- one for secure, and one for non-secure.
Of course, the looming question is why it tricks my load balancer.
~Brad
Original Message
Subject: Re: Client IP changes on SSL- tricks
In a hardware load-balanced environment, I have always used Client vars rather
than Session. (Just make sure you store them in the DB, not in the Registry.)
Basically, the Client vars are a contract between the browser and the
application, whereas Session vars are a contract between the brows
> 1) Can anyone confirm seeing the behavior of changing
> IP addresses over SSL?
I haven't seen this with SSL specifically, but there's nothing special
about SSL in this case - just like HTTP, HTTPS is stateless.
> 3) Aren't cookies encrypted over SSL anyway-- so how
> would my load balancer eve
It is possible that the user has a different proxy for http than for https -
this would possibly give you a different IP for http vs https. There are not
many really good reasons to do that, so it's somewhat unlikely, but possible.
>That's a good question Mark. We are not using domain cookies
It is possible that the user has a different proxy for http than for https -
this would possibly give you a different IP for http vs https. There are not
many really good reasons to do that, so it's somewhat unlikely, but possible.
>That's a good question Mark. We are not using domain cookies,
onger exists.
~Brad
Original Message
Subject: RE: Client IP changes on SSL- tricks load balancer
From: "Mark Kruger"
Date: Wed, February 25, 2009 11:50 am
To: cf-talk
Are you sure something else is not going on dealing with
Are you sure something else is not going on dealing with domain cookies?
If I come into a site as http://example.com and browse around - getting
sesssionID in the process and tied to a cookie, then I hit a URL
http://www.example.com
That's a different domain Unless you are hitting the sa
15 matches
Mail list logo
