[Bug 58356] New: Session jumping due to incorrect route

Thu, 10 Sep 2015 10:15:07 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=58356

            Bug ID: 58356
           Summary: Session jumping due to incorrect route
           Product: Apache httpd-2
           Version: 2.2.15
          Hardware: HP
                OS: Linux
            Status: NEW
          Severity: blocker
          Priority: P2
         Component: mod_proxy_ajp
          Assignee: [email protected]
          Reporter: [email protected]

Our mod proxy is configured as follows:

<Proxy balancer://App>
BalancerMember
ajp://xxxx-44276360-13-70680295.prod.aaa.bbb.ccc.prod.ddd.com:8009
route=xxxx-44276360-13-70680295
BalancerMember
ajp://xxxx-44277895-7-70710077.prod.aaa.bbb.ccc.prod.ddd.com:8009
route=xxxx-44277895-7-70710077
..
..
.. (50 odd such Balancer Members)
ProxySet lbmethod=bytraffic
ProxySet stickysession=JSESSIONID|jsessionid scolonpathdelim=On
</Proxy>
ProxyPreserveHost On
ProxyPass / balancer://App/

Backend server is Jboss 5.1.2. Stickiness is maintained via JSESSIONID cookie.
jvmRoute is appropriately configured on jboss side. And situation works as
expected most of the times.

However, sometimes, stickiness stops working randomly. & happens for all
sessions when it kickstarts. When that happens, we see that
BALANCER_WORKER_ROUTE is set as different from BALANCER_SESSION_ROUTE without
any error from worker. Following is the log entry for one error occurence

[10/Sep/2015:07:59:14 +0000] | 200 | [3506610 us] | [JSESSIONID
xxxx-44277895-7-70710077 
ajp://xxxx-44276360-13-70680295.prod.aaa.bbb.ccc.prod.ddd.com:8009
xxxx-44276360-13-7068029 1]

Logformat used is
LogFormat "%t | %>s | [%D us] | [%{BALANCER_SESSION_STICKY}e
%{BALANCER_SESSION_ROUTE}e  %{BALANCER_WORKER_NAME}e %{BALANCER_WORKER_ROUTE}e
%{BALANCER_ROUTE_CHANGED}e]

Notice the BALANCER_WORKER_ROUTE. It is missing one character. Route should
have been xxxx-44276360-13-70680295 but apache sees it as
xxxx-44276360-13-7068029 (last character truncated). Point in question is not
that BALANCER_WORKER_ROUTE is malformed, but that all route will malform and
session stickiness will definitely not work if that happens because apache
won't find it due to truncated character.

We've been checking on character length limitation (as prescribed for
mod-cluster here
https://docs.jboss.org/mod_cluster/1.2.0/html/Intro.html#d0e85) but all looks
ok. Plus it's for mod_cluster & mod_proxy_ajp doesn't really publish any such
limitations.

Please check & advice if this could be a potential bug.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to