Problems with session loss using Response.sendRedirect() (Tomcat 3.1) ?

[Drew Cox <dr...@epredix.com>]

We are experiencing a vexing problem in our production system and a vaguely
related post in the jGuru FAQ (http://www.jguru.com/faq/view.jsp?EID=53251)
made me think others may have seen this.

We have two separate web applications running in the same Tomcat 3.1 server.
One of the business process is:

1. webapp #1 initiates a session and then supplies a few screens.
2. webapp #1 uses Response.sendRedirect() to send user to webapp #2.
3. webapp #2 initiates it's own session and supplies a bunch of screens.
4. webapp #2 invalidates it's session then uses Response.sendRedirect() to
send user back to webapp #1.
5. webapp #1 continues on, using it's session and supplies some more
screens.

The problem is, for a relatively small, but significant number of our users,
at step 5. we find their original session from webapp #1 is missing.  We
have now added parameters to the redirected URL to enable us to recover the
session from the database, but we would like to get to the bottom of this.

A few notes:

- From logging entries we can confirm that session #1 is not timing out.
- We *never* get this in internal testing at any of our sites, which makes
us suspicious of things like browser differences, firewall policies etc.
- We get about 10-20 of these per day, our of about 300 uses of this
process.

So...

Anyone else seen this behavior?  Are there known problems around the
redirect in 3.1?  Anyone have any crazy ideas about what might cause this
sort of thing?

Any help appreciated.
Drew


--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>