Chris, When i use my latest iphone 11 to access the web app, tomcat server generates new session every time. It's normal use, not private browsing.
I did not change any setting on tomcat regarding session, use default session tracking. Is there any setting that can enforce using previous session (i.e. track session)? Can I save the previous SessionID and use it to get the session with this id explicitly? -aj On Wed, Apr 29, 2020 at 10:13 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > AJ, > > On 4/28/20 16:13, AJ Chen wrote: > > Andre, thanks for asking the questions. Yes, we try to get > > understand the behaviors. > > > > We have seen iphone and other android phones, on different > > carriers, from different networks, encounter this problem - losing > > session. It does not seem there is a pattern so far. Users use all > > kinds of phones. Some of their phones experience this problem. > > Are any of them using "private browsing" or anything like that? > > Are you just using the standard Tomcat-generated JSESSIONID cookies? > > - -chris > > > On Tue, Apr 28, 2020 at 12:08 PM André Warnier (tomcat/perl) > > <a...@ice-sa.com> wrote: > > > >> On 28.04.2020 18:28, AJ Chen wrote: > >>> Thanks. Martin and Mark. > >>> > >>> I can recreate the problem: I compare two different mobile > >>> phones. One phone can log in and proceed. Server log shows the > >>> same session persists (same sessionID upon different requests). > >>> The other phone can log in, but upon next request, server log > >>> show a new session is always created (new sessionId). > >>> > >>> Since session tracking works on PC browser and some mobile > >>> phone, the > >> proxy > >>> (if any) in front of aws EC2 server should not be the problem. > >> Anything > >>> else may be missing? > >>> > >> > >> Asking just in case : - are the 2 phones on the same network > >> carrier ? - are they the same brand, or at least OS ? - if you > >> connect them both to the same local WiFi, do they still act > >> differently ? > >> > >> Note : no idea if this makes any difference, but we're trying to > >> find a reason why they act differently when using the same > >> Internet application server, right ? > >> > >>> -aj > >>> > >>> > >>> On Tue, Apr 28, 2020 at 12:30 AM Mark Thomas <ma...@apache.org> > >>> wrote: > >>> > >>>> On 28/04/2020 07:47, Martin Grigorov wrote: > >>>>> On Tue, Apr 28, 2020 at 9:11 AM AJ Chen > >>>>> <ajc...@web2express.org> > >> wrote: > >>>>> > >>>>>> Anyway to fix it? thanks. -aj > >>>>>> > >>>>> > >>>>> First you need to investigate whether there is a proxy. > >>>>> Then what kind of proxy. Then where is its configuration. > >>>>> Then consult with its manual and see whether there is > >>>>> something wrong/missng. > >>>> > >>>> I'd recommend taking a step back. > >>>> > >>>> Guessing at what might be wrong and then trying to fix the > >>>> problem you have only guessed at is unlikely to work. > >>>> > >>>> Can you recreate the problem? You can't tell if something is > >>>> fixed if you can't recreate it. > >>>> > >>>> Once you recreate the problem then you can start to narrow it > >>>> down. You need to track what is happening to the session ID. > >>>> You'll probably need to add some information to the access > >>>> log, possibly look at some raw network logs and/or look at > >>>> HTTP headers on the client.. > >>>> > >>>> Somewhere in all of the above you should find out where the > >>>> session ID is getting dropped. Then you need to figure out > >>>> why. Only then you know why this is happening can you start > >>>> to think about a solution. > >>>> > >>>> Mark > >>>> > >>>> > >>>>> > >>>>> > >>>>>> > >>>>>> > >>>>>> On Mon, Apr 27, 2020 at 10:54 PM Martin Grigorov < > >> mgrigo...@apache.org> > >>>>>> wrote: > >>>>>> > >>>>>>> Hi, > >>>>>>> > >>>>>>> On Tue, Apr 28, 2020 at 2:23 AM AJ Chen > >>>>>>> <ajc...@web2express.org> > >>>> wrote: > >>>>>>> > >>>>>>>> My web application using tomcat 6 can track user > >>>>>>>> session (cookie by default) for mobile and PC users > >>>>>>>> in dev environment. But when > >> deployed > >>>>>> on > >>>>>>>> cloud server, it fails to track session for some > >>>>>>>> mobile users. > >>>> meaning, > >>>>>>>> servlet always creates a new session upon user > >>>>>>>> request. > >>>>>>>> > >>>>>>>> Any idea why this happens? > >>>>>>>> > >>>>>>> > >>>>>>> Most probably there is a proxy in front of Tomcat in > >>>>>>> the cloud > >>>>>> environment > >>>>>>> which does not properly forward the JSESSIONID cookie. > >>>>>>> > >>>>>>> Martin > >>>>>>> > >>>>>>> > >>>>>>>> > >>>>>>>> aj > >>>>>>>> > >>>>>>> > >>>>>> > >>>>> > >>>> > >>>> > >>>> ------------------------------------------------------------------- > - -- > >>>> > >>>> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >>>> For additional commands, e-mail: > >>>> users-h...@tomcat.apache.org > >>>> > >>>> > >>> > >> > >> > >> --------------------------------------------------------------------- > >> > >> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > >> > > > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6ptcAACgkQHPApP6U8 > pFgXVRAAuWAid0eXZF9duF3COnoX17FVPGe4v2RCt+2DzDcf3yXLdr0w9/wsHJlv > FG9eZBYKAMirZlpM/FLkNKoR7dygcYyyO7nxI9j93Nv8jZmnRmhCgak0unlr0zfB > b728Y5/i80vc2KoOXy6La+tRcZKVMG+q6UP3VDz/YRegk8WVn0oeUty8JrPpYy22 > Dh7KgnCO20xDNaMPbhvm45LlvfaxeRreCDqGp30wPnkyw7zbB8kARj/BLNI+Hf5B > nC7E14ISiXRj62hPx25drcfxoES407+yVfKt2+g5j3jhxLshwM2XDgMFCm4B2SIP > WpQ91qiJCX4IW3YZEVs2bXPafH+Sp9eQcsyXDYqvnsImUWQ9EFqiuuqQoj45/n6S > LbqzcCVdFBkDmIIz8siuI2dX6MnWxqJE3aUwMqdP9AKA49i7ZApRdRx1wa90mN5/ > KtDmXWTc2YJmirtfU7JvzH3EmoG8BJ+24uR8Q6ealPk+9bHGM7tsyBAqRUfIJzfc > 1DY49etOt1lKq3HwmviQyYUjxCQPmorz++efE5/qIRjubcQMjVC+skxwiptcsvz6 > HttGBZ6fVCLUZ1TGGlkQog/l1HI1ZiIkUQYh53QfeVsvgti7Zr346CV3YNGV/9N7 > +keNyGXlZO9TJrzepknnCa8Ht+BMz82wOqYX8eP8AhiG9sJdVOM= > =aGls > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >