Good morning Martin, Have I misunderstood? The issue isn't switching from using Apache as a front end (for now), but rather that America Online (AOL) uses proxy banks, so that every request comes in with an arbitrary IP address. This is causing two problems:
1) Users are logged in on some pages, but not on others, because they're being sent to different application servers 2) Extra sessions are getting created I've mostly solved the first problem by using cookies, and keeping a username/hashed password. The second one looks a bit trickier. As Stefan pointed out: > The IP is that of the last proxy, which does not have to be the same between requests. > But it is almost always from the same range, belonging to the provider. The IP addresses are generally of the form A.B.C.xx, where A, B, and C don't change. So ideally there would be a way to allow sessionID verification to only check those first three numbers. This is probably an Apache problem. Daniel > -----Original Message----- > From: Martin Gainty [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 10, 2006 8:37 AM > To: Tomcat Users List; [EMAIL PROTECTED] > Subject: Re: AOL > > Good Morning Dan > > From what I see alot of folks are using Hardware accelerators > to overcome inherent delay introduced by front ending with > apache To clarify everyone's understanding What does AOL > bring to your environment and How does AOL server configure > in your environment? > If I had to speculate I would suggest a possible misconfig > with one or more of your proxy but I would need to know more > of the features/functions that AOL brings > > Thanks, > Martin-- > This e-mail communication and any attachments may contain > confidential and privileged information for the use of the > designated recipients named above. If you are not the > intended recipient, you are hereby notified that you have > received this communication in error and that any review, > disclosure, dissemination, distribution or copying of it or > its contents > ----- Original Message ----- > From: "Daniel Blumenthal" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" <users@tomcat.apache.org> > Sent: Tuesday, October 10, 2006 2:12 AM > Subject: AOL > > > > We just switched from a single server to a cluster, with a load > > balancer out front to manage incoming connections. The > load balancer > > makes the decision to go to app server 1 (app1) or app > server 2 (app2) > > based on IP address - once a request comes in from one > source IP, all > > future requests (for some period of time) go to the same server. > > > > The problem is that it appears that AOL will randomly assign an IP > > address to every request a user sends. So a user could end > up going > > to both servers. > > > > With the exception of user login data, the code is > reentrant, but I've > > had to store login information as cookies (max age = -1 so only for > > the current > > session) so that the user will automatically log in to the other > > server if/when they hit it. Although this approach seems > to work, it > > also has some problems, and I was wondering if others had > encountered > > this problem, and if there was a "standard" solution. > > > > > > > > > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
