RE: JESESSIONID
Thanks for the response on this. I don't think I explained myself very clearly though, as we're not actually using a cluster so we never pass session deltas between the nodes. Our JBOSS instances are round robin load balanced via mod_jk, therefore if a user has a session created on one server and that server is taken off line, mod_jk will route that users next request to the next available app server. The users original session data is never persisted as we don't currently use Tomcat's PersistentStoreManager. But I thought that the app server receiving this request with a JSESSIONID that is doesn't recognise would overwrite the cookie with it's own JESSIONID, if there is a call to req.getSession()? Our JBOSS instances have an embedded Tomcat v5.5 instance and we deploy our app as a WAR. Could anyone confirm that the above is the correct behavior of Tomcat? -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Thu 15/01/2009 17:41 To: Tomcat Users List Subject: Re: JESESSIONID -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James, James Hoare wrote: Hi, was wondering if someone could clear this up for me. I probably can't clear it up, 'cause I have no experience with JBOSS (or even Tomcat) clusters, but I have a few thoughts... We have mod_jk in apache loadbalancing our JBOSS cluster with session affinity. We've noticed that once the JESSIONID has been created with the call to req.getSession() and the jvmroute encoded by the tomcat worker, that if the JBOSS instance that originally created the HttpSession is taken off line the next JBOSS instance that receives the request doesn't rewrite the cookie with the new JESSIONID for that app server? Is that the correct behaviour? If the server instance is participating in a cluster, presumably the session ids are unique across the cluster. If that's the case, then the session id is valid no matter which server instance you get and so the session id wouldn't change if you switched servers. Does the session continue to work after this failover? That is, is there actually a problem, or are you just asking because you are observing something unexpected? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklvdTsACgkQ9CaO5/Lv0PDX/gCdHs0EIQT8VWAxauRZAjCurHEP YBcAmwQAlsnXBSymUwdwPGmNbFtObNUv =Akmg -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JESESSIONID
James Hoare wrote: Thanks for the response on this. I don't think I explained myself very clearly though, as we're not actually using a cluster so we never pass session deltas between the nodes. Our JBOSS instances are round robin load balanced via mod_jk, therefore if a user has a session created on one server and that server is taken off line, mod_jk will route that users next request to the next available app server. The users original session data is never persisted as we don't currently use Tomcat's PersistentStoreManager. But I thought that the app server receiving this request with a JSESSIONID that is doesn't recognise would overwrite the cookie with it's own JESSIONID, if there is a call to req.getSession()? Our JBOSS instances have an embedded Tomcat v5.5 instance and we deploy our app as a WAR. Could anyone confirm that the above is the correct behavior of Tomcat? Confirmed. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JESESSIONID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James, James Hoare wrote: Hi, was wondering if someone could clear this up for me. I probably can't clear it up, 'cause I have no experience with JBOSS (or even Tomcat) clusters, but I have a few thoughts... We have mod_jk in apache loadbalancing our JBOSS cluster with session affinity. We've noticed that once the JESSIONID has been created with the call to req.getSession() and the jvmroute encoded by the tomcat worker, that if the JBOSS instance that originally created the HttpSession is taken off line the next JBOSS instance that receives the request doesn't rewrite the cookie with the new JESSIONID for that app server? Is that the correct behaviour? If the server instance is participating in a cluster, presumably the session ids are unique across the cluster. If that's the case, then the session id is valid no matter which server instance you get and so the session id wouldn't change if you switched servers. Does the session continue to work after this failover? That is, is there actually a problem, or are you just asking because you are observing something unexpected? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklvdTsACgkQ9CaO5/Lv0PDX/gCdHs0EIQT8VWAxauRZAjCurHEP YBcAmwQAlsnXBSymUwdwPGmNbFtObNUv =Akmg -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JESESSIONID
Hi, was wondering if someone could clear this up for me. We have mod_jk in apache loadbalancing our JBOSS cluster with session affinity. We've noticed that once the JESSIONID has been created with the call to req.getSession() and the jvmroute encoded by the tomcat worker, that if the JBOSS instance that originally created the HttpSession is taken off line the next JBOSS instance that receives the request doesn't rewrite the cookie with the new JESSIONID for that app server? Is that the correct behaviour? I was under the impression that a call to req.getSession() would either return that users session or create a new one for that server and hence write that value to the cookie, providing the browser supports cookies? Should the value of the original JSESSIONID be overwritten with the new value? We're not using any Tomcat clustering or marking the app distributable in web.xml. Thanks James New to NET-A-PORTER.COM: 6 fabulous boutiques! http://www.net-a-porter.com/boutiques __ CONFIDENTIALITY NOTICE The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, you must not read, use or disseminate the information. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Net a Porter Ltd. Net A Porter Ltd is a company registered in England Wales Number: 3820604 Registered Office: The Dome, Whiteleys Centre, 151 Queensway, London, W2 4YN. _
