You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2009/07/11 22:10:14 UTC
DO NOT REPLY [Bug 47510] New: sessionId is not generated when switch
between clusters
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
Summary: sessionId is not generated when switch between
clusters
Product: Tomcat 6
Version: 6.0.18
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: vujack@yahoo.com
Currently, tomcat only generates a new sessionid if it's not NULL and tries to
reuse the existing one. However, in the case of tomcat configured with load
balancer using jvmRoute and user switch between clusters on the same browser
session, tomcat see jsession cookie(with old jvmroute value from another
cluster) and reuse it and it's not correct. The fix is to check jvmRoute value
and it's note the same, generate new sessionId.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 47510] sessionId is not generated when switch
between clusters
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #2 from Mark Thomas <ma...@apache.org> 2009-07-16 14:06:51 PST ---
The patch is in the wrong format (full file rather than diff -u) and breaks the
Manager API as described in the Javadocs. Without a justification of the "it's
not correct" statement, I can't anything that is wrong with the current
behaviour from a spec or functional point of view.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 47510] sessionId is not generated when switch
between clusters
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
Barry <bm...@systemax.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bmolof@systemax.com
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 47510] sessionId is not generated when switch
between clusters
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
Barry <bm...@systemax.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
--- Comment #3 from Barry <bm...@systemax.com> 2009-11-13 07:02:39 UTC ---
We are having the same problem. We have 4 JBoss 4.2.3 servers in a cluster
using sticky session but no session replication.
Here is the scenario. If the first request gets routed to node1, the sessionid
will end in ".node1" and all requests will go back to that node. Let's say
node1 goes down and the next request gets sent to node2. Since the session is
not on node2, a new session is created. The problem is that the same session
id, the one ending in ".node1" is reused instead of a whole new session id
ending in ".node2" being created.
There are 2 problems with this:
1) There are still 3 other JBoss servers running. All requests from the same
browser using a session id ending in ".node1" will go to random JBoss servers
(no more sticky sessions). This pretty much renders the app useless.
2) When node1 comes back up, the user again is switched back to node1 and
remains there as sticky sessions kicks in.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 47510] sessionId is not generated when switch
between clusters
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
--- Comment #1 from Giac Vu <vu...@yahoo.com> 2009-07-11 13:13:11 PST ---
Created an attachment (id=23959)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=23959)
BaseManager.java with a fix
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 47510] sessionId is not generated when switch
between clusters
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47510
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |INVALID
--- Comment #4 from Mark Thomas <ma...@apache.org> 2009-12-10 13:16:49 GMT ---
For this to happen as described, a cookie intended for one cluster must be
transmitted to a different cluster. This shouldn't happen. Given that the
cookie will be selected by host and path, I don't see how this can happen. This
looks like misconfiguration at this stage. I suggest you follow this up on the
users list in the first instance. If that discussion concludes that there is a
bug here, please re-open this issue and describe the steps to reproduce the
bug.
Note also that are are free to add custom valves and/or filters to manipulate
the session cookie (or anything else) if necessary.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org