Re: JSESSIONID being lost

Wed, 21 Apr 2010 00:48:13 -0700 

Hi Jim
There may be another mis-configured server out there that produces JSESSIONID cookies with a domain-wide scope. SAP portals are a known problem. 

Best of luck

Regards

Ron


----- Original Message ----- 
From: "Jim Goodspeed" <goodspeeds...@gmail.com>

To: <users@tomcat.apache.org>
Sent: Wednesday, April 21, 2010 10:47 AM
Subject: JSESSIONID being lost



I'm hoping someone may have some insight into a difficult problem we are
having.  We have a situation where the JSESSIONID seems to get lost

somewhere in a users transaction - the result is they get kicked back to 
the
applications login page (no sessionid so the app thinks they haven't 
logged

in).

Our current setup is two hardware load balancers (layer 4) in front of two
Apache servers (2.2.14) which sit in front of two tomcat servers (6.0.20).
The hardware load balancers load balance apache and apache load balances
tomcat using AJP via mod_proxy.  Apache and Tomcat are running on RHEL4
32-bit.  The JVM is 1.6.

This issue first popped up when we moved to the above architecture -
previously we had no hardware load balancers and only one apache server
balancing two tomcat servers (still with AJP via mod_proxy).  Initial

thoughts were that it had something to do with either the 2nd apache 
server

or the load balancers.


One way we have made this better (but not fixed) was to turn off one of 
the
tomcat servers so that requests could only go to one place - we thought 
that

the users session was being sent to the other tomcat server even though we
were using sticky sessions.  This was our temporary fix until we could

implement clustering, but today we found that users were still being 
kicked

back to the login page even with only one tomcat server running.  In the
interim we have turned off one of the apache servers to see if that helps
(so two hardware load balancers, one apache server and one tomcat server).


This problem is intermittent and almost impossible to reproduce, but it 
does

seem to happen more under heavy load.  Any insight would be very much
appreciated.  If it would help I can post our apache and tomcat
configurations.


Thanks in advance.




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org























					Reply via email to