huck Caldarale
Sent: Saturday, April 13, 2024 4:00 PM
To: Tomcat Users List
Subject: [EXT]Re: [EXT]Re: Tomcat 10 session replication fails
On Apr 11, 2024, at 09:07, Rick Noel wrote:
We are getting closer
Changing ports from the 5000 range to the 4000 range stopped two
errors But now I get
er | Westwood One
rn...@westwoodone.com
-Original Message-
From: Chuck Caldarale
Sent: Saturday, April 13, 2024 4:00 PM
To: Tomcat Users List
Subject: [EXT]Re: [EXT]Re: Tomcat 10 session replication fails
> On Apr 11, 2024, at 09:07, Rick Noel wrote:
>
> We are getting closer
> Ch
Sort of off topic, but sort of related. If you're having tremendous
trouble using the built in replication methods, we built a redis based
session manager: https://github.com/exabrial/redex-sm
Currently redex-sm only works with Tomcat 8.5, but it wouldn't be a
big leap to make it work with Tomcat
> On Apr 11, 2024, at 09:07, Rick Noel wrote:
>
> We are getting closer
> Changing ports from the 5000 range to the 4000 range stopped two errors
> But now I get this..
>
> INFO: Manager [##0001]: skipping state transfer. No members active in cluster
> group
>
> How to I make the
Systems Programmer | Westwood One
rn...@westwoodone.com
-Original Message-
From: Chuck Caldarale
Sent: Thursday, April 11, 2024 9:14 AM
To: Tomcat Users List
Subject: [EXT]Re: Tomcat 10 session replication fails
[You don't often get email from n82...@gmail.com. Learn why this is important
> On Apr 11, 2024, at 07:56, Rick Noel wrote:
>
> We have our app running on Tomcat10 and doing clustering,but are getting the
> following errors seen int the Catalina log...
>
> Apr 11, 2024 8:14:43 AM org.apache.catalina.ha.session.DeltaManager
> waitForSendAllSessions
> SEVERE:
Hi,
We have our app running on Tomcat10 and doing clustering,but are getting the
following errors seen int the Catalina log...
Apr 11, 2024 8:14:43 AM org.apache.catalina.ha.session.DeltaManager
waitForSendAllSessions
SEVERE: Manager [##0001]: No session state sent at [4/11/24, 8:13 AM]
Many thanks Mark!
-Original Message-
From: Mark Thomas
Sent: 01 February 2022 09:25
To: users@tomcat.apache.org
Subject: Re: Tomcat 9 Session replication
On 31/01/2022 14:54, Alan F wrote:
> Many thanks Chris,
>
> Don't laugh I was looking at those values after Keiic
Schultz
Sent: 31 January 2022 14:46
To: users@tomcat.apache.org
Subject: Re: Tomcat 9 Session replication
All,
On 1/31/22 08:04, Keiichi Fujino wrote:
If you use StaticMembershipService, you must set
Cluster#channelStartOptions to 15 (default).
To spell that out (since the docs aren't very explicit
bers. Just make sure you have your ports
unique for each cluster and your membership ids unique for each node in
each cluster.
-chris
-Original Message-
From: Christopher Schultz
Sent: 31 January 2022 14:46
To: users@tomcat.apache.org
Subject: Re: Tomcat 9 Session replication
All,
On
interference ie specifying group or unique id etc.
-Original Message-
From: Christopher Schultz
Sent: 31 January 2022 14:46
To: users@tomcat.apache.org
Subject: Re: Tomcat 9 Session replication
All,
On 1/31/22 08:04, Keiichi Fujino wrote:
> If you use StaticMembershipService, you must
>
>
>
>filter=""/>
>className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
>
>className="org.apache.catalina.ha.deploy.FarmWarDeployer"
> tempDir="/opt/tomcat/war-temp
@tomcat.apache.org
Subject: Re: Tomcat 9 Session replication
On 28/01/2022 17:05, Alan F wrote:
> We are currently getting traffic from all cluster members in other
> environments using .staticmember opposed to multicast can I confirm why this
> is see below.
>
> What do we need to set here
On 28/01/2022 17:05, Alan F wrote:
We are currently getting traffic from all cluster members in other environments
using .staticmember opposed to multicast can I confirm why this is see below.
What do we need to set here for a clustered pair to make them unique and talk
to eachother only
We are currently getting traffic from all cluster members in other environments
using .staticmember opposed to multicast can I confirm why this is see below.
What do we need to set here for a clustered pair to make them unique and talk
to eachother only without seeing traffic from other members
I am researching if a packaged application built on Tomcat (not 100% sure of
version but assuming 9 until I know 100% sure) using session state replication
as described here http://tomcat.apache.org/tomcat-9.0-doc/cluster-howto.html
would work in an environment where broadcast/multicast is not
On 17/07/2019 00:06, M.S. Dousti wrote:
> Dear all,
>
> TLS allows session resumption via session IDs or session tickets. [This
> post](
> https://timtaubert.de/blog/2014/11/the-sad-state-of-server-side-tls-session-resumption-implementations/)
> shows how this can be performed in Apache web
Dear all,
TLS allows session resumption via session IDs or session tickets. [This
post](
https://timtaubert.de/blog/2014/11/the-sad-state-of-server-side-tls-session-resumption-implementations/)
shows how this can be performed in Apache web server and Nginx. Specially,
Apache has a
g deal conceptually. Except you
don't want to use an MRU queue and intentionally re-use session ids in
the near future, because...
> PS: Please also review “session fixation” as a side note to this
> problem.
If I get session id abcd1234 and then log out, and Tomcat implements a
"session
it is a randomly generated UUID it's a pretty safe assumption
>>> that a duplicate id is very unlikely and that reusing a session
>>> id for a different tomcat user session is also very unlikely. Is
>>> this correct?
>>
>> Correct.
>
> I did so
andom ID.
>
>> If it is a randomly generated UUID it's a pretty safe assumption
>> that a duplicate id is very unlikely and that reusing a session
>> id for a different tomcat user session is also very unlikely. Is
>> this correct?
>
> Correct.
I did some math on
ng a session id for a different
> tomcat user session is also very unlikely. Is this correct?
Correct.
> The action of destroying the session id server side (again without looking
> at the code) is probably just a string that is eventually gc'd. Is that
> correct or is it something more
ated id but I
honestly don't know without digging through the code base.
If it is a randomly generated UUID it's a pretty safe assumption that a
duplicate id is very unlikely and that reusing a session id for a different
tomcat user session is also very unlikely. Is this correct?
The action
Am 12.01.16 um 13:24 schrieb Mark Thomas:
On 12/01/2016 11:06, Thomas Scheffler wrote:
Am 11.01.16 um 22:05 schrieb Mark Thomas:
Found on
http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
the description how to switch the "feature" off.
I will file two bugs soon
session. To use the values of login() later in authenticate() in
>>> Tomcat 8.0.30 I had to insert "/foo" as my login page and "/bar" as my
>>> login-error-page. I think any value will do here ;-)
>>>
>>>
>>> FORM
>>>
Thomas,
On 1/13/16 8:31 AM, Thomas Scheffler wrote:
> Am 12.01.16 um 13:24 schrieb Mark Thomas:
>> On 12/01/2016 11:06, Thomas Scheffler wrote:
>>> Am 11.01.16 um 22:05 schrieb Mark Thomas:
>
> className="org.apache.catalina.authenticator.BasicAuthenticator"
>
Am 13.01.16 um 15:48 schrieb Christopher Schultz:
Thomas,
On 1/13/16 8:31 AM, Thomas Scheffler wrote:
Am 12.01.16 um 13:24 schrieb Mark Thomas:
On 12/01/2016 11:06, Thomas Scheffler wrote:
Am 11.01.16 um 22:05 schrieb Mark Thomas:
Found on
Thomas,
On 1/12/16 8:03 AM, Thomas Scheffler wrote:
> Am 12.01.16 um 13:24 schrieb Mark Thomas:
>> On 12/01/2016 11:06, Thomas Scheffler wrote:
>>> Am 11.01.16 um 22:05 schrieb Mark Thomas:
>
> className="org.apache.catalina.authenticator.BasicAuthenticator"
>
Thomas
> -Original Message-
> From: Olaf Kock [mailto:tom...@olafkock.de]
> Sent: Monday, January 11, 2016 4:12 PM
> To: Tomcat Users List
> Subject: Re: Tomcat 8.0.30 Session lost
>
> Well, at least you do a bit of protection instead of just disabling the
> s
On 12/01/2016 13:03, Thomas Scheffler wrote:
> Am 12.01.16 um 13:24 schrieb Mark Thomas:
>> On 12/01/2016 11:06, Thomas Scheffler wrote:
>>> Am 11.01.16 um 22:05 schrieb Mark Thomas:
For the first the description above isn't clear enough to be sure
exactly what you are asking for.
Am 12.01.16 um 13:24 schrieb Mark Thomas:
On 12/01/2016 11:06, Thomas Scheffler wrote:
Am 11.01.16 um 22:05 schrieb Mark Thomas:
Found on
http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
the description how to switch the "feature" off.
I will file two bugs soon
Am 11.01.16 um 22:05 schrieb Mark Thomas:
Found on
http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
the description how to switch the "feature" off.
I will file two bugs soon describing the issues I had. Hopefully they
will be fixed.
1.) if using
On 12/01/2016 11:06, Thomas Scheffler wrote:
> Am 11.01.16 um 22:05 schrieb Mark Thomas:
>>>
>>> >>changeSessionIdOnAuthentication="false" />
>>>
>>> Found on
>>> http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
>>> the description how to switch the "feature" off.
>>>
On 12/01/2016 15:57, Thomas Scheffler wrote:
> What I read in the specification is that a *fix* could be implemented
> that would a allow the bug to disappear. The third point above, changing
> the sessionId only if the user is "new" to the session, would fix the
> problem, could be integrated
Olaf,
On 1/11/16 4:12 PM, Olaf Kock wrote:
> Well, at least you do a bit of protection instead of just disabling the
> session fixation security filter. However, be aware that potentially
> many people might come from the same IP address - either because it's a
> NATing home router or a big
Am 12.01.16 um 14:41 schrieb Mark Thomas:
1.) are not required as every request belonging to the same session are
already authenticated. After login() other request of the same session
will not return 'null' on getRemoteUser() or getUserPrincipal()
2.) are not required, as authenticate() use
Hi Christopher,
Thanks for reminding me of my extra doubt that I missed writing of in
the first post:
Picking up on AOL: If I'm on proxy1 now, with many other users - will I
stay on that proxy for a long time? Or will I be loadbalanced to many
other proxies during my visit on the site? There's
On 12.01.2016 12:06, Thomas Scheffler wrote:
Am 11.01.16 um 22:05 schrieb Mark Thomas:
Found on
http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
the description how to switch the "feature" off.
I will file two bugs soon describing the issues I had. Hopefully they
will
On 1/12/2016 10:57 AM, Thomas Scheffler wrote:
Am 12.01.16 um 14:41 schrieb Mark Thomas:
1.) are not required as every request belonging to the same session
are
already authenticated. After login() other request of the same session
will not return 'null' on getRemoteUser() or getUserPrincipal()
Am 08.01.16 um 17:02 schrieb Christopher Schultz:
Tomcat will change the session identifier when the user authenticates.
If you are creating a session before login, you'll see that the session
id changes when authentication is successful. This is to protect against
session-fixation attacks.
I
On 11/01/2016 20:52, Thomas Scheffler wrote:
> Am 11.01.16 um 12:21 schrieb André Warnier (tomcat):
>> So the solution in your case, is to make sure, in your application
>> logic, that the first unauthenticated request would be totally processed
>> by the server, and the response processed by the
Well, at least you do a bit of protection instead of just disabling the
session fixation security filter. However, be aware that potentially
many people might come from the same IP address - either because it's a
NATing home router or a big company's proxy server. Especially if you
want to attack
Am 11.01.16 um 12:21 schrieb André Warnier (tomcat):
So the solution in your case, is to make sure, in your application
logic, that the first unauthenticated request would be totally processed
by the server, and the response processed by the client, before the
client sends a second request.
If
Thomas,
On 11.01.2016 11:30, Thomas Scheffler wrote:
Am 08.01.16 um 17:02 schrieb Christopher Schultz:
Tomcat will change the session identifier when the user authenticates.
If you are creating a session before login, you'll see that the session
id changes when authentication is successful.
Hi,
I have a very rare problem regarding session handling. It is
reproducible only on a single server environment. Of cause this is the
productive server.
I use container authentication and for simplicity 'tomcat-user.xml'.
Login is done via HttpServletRequest.login() method, whenever I
2016-01-08 19:02 GMT+03:00 Christopher Schultz :
> Thomas,
>
> On 1/8/16 8:00 AM, Thomas Scheffler wrote:
>> Am 08.01.16 um 11:43 schrieb Olaf Kock:
>>> Is there any chance that the first and correctly authenticated cookies
>>> (despite the debug output
Is there any chance that the first and correctly authenticated cookies
(despite the debug output "secure=false") are https-only cookies and
won't get transmitted in http, thus triggering new sessions? E.g. any
chance they get rewritten at another level (Apache httpd, ServletFilter,
others) to be
Am 08.01.16 um 11:43 schrieb Olaf Kock:
Is there any chance that the first and correctly authenticated cookies
(despite the debug output "secure=false") are https-only cookies and
won't get transmitted in http, thus triggering new sessions? E.g. any
chance they get rewritten at another level
Am 08.01.16 um 14:03 schrieb André Warnier (tomcat):
Hi Thomas.
It is a bit difficult to figure out where the problem really is, without
having the full picture of what is going on (your web.xml configuration,
the order and precise timing in which requests really happen etc.).
But one thing I
On 08.01.2016 10:07, Thomas Scheffler wrote:
Hi,
I have a very rare problem regarding session handling. It is reproducible only
on a single
server environment. Of cause this is the productive server.
I use container authentication and for simplicity 'tomcat-user.xml'.
Login is done via
Thomas,
On 1/8/16 8:00 AM, Thomas Scheffler wrote:
> Am 08.01.16 um 11:43 schrieb Olaf Kock:
>> Is there any chance that the first and correctly authenticated cookies
>> (despite the debug output "secure=false") are https-only cookies and
>> won't get transmitted in http, thus triggering new
On 22/12/2015 16:22, Jason Britton wrote:
> Questions on particulars of session fail over in my on going quest for zero
> downtime deployments -
>
> My current plan is to use JDBCStore for persisting to a database table
> shared by all tomcats powering apps. But this has brought up a couple
>
Questions on particulars of session fail over in my on going quest for zero
downtime deployments -
My current plan is to use JDBCStore for persisting to a database table
shared by all tomcats powering apps. But this has brought up a couple
concerns... If while a tomcat node is being shut down
sers List <users@tomcat.apache.org>,
Date: 04/09/2015 18:39
Subject: Re: Tomcat 8 Session Timeout
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/4/15 6:14 AM, theo.swe...@avios.com wrote:
> Hi Chris - the servlet spec states "If the time out is 0 or less,
> the conta
ing?
Theo
From: Christopher Schultz <ch...@christopherschultz.net>
To: Tomcat Users List <users@tomcat.apache.org>,
Date: 03/09/2015 16:43
Subject: Re: Tomcat 8 Session Timeout
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/3/15 8:28 AM, theo.swe...@avi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/4/15 6:14 AM, theo.swe...@avios.com wrote:
> Hi Chris - the servlet spec states "If the time out is 0 or less,
> the container ensures the default behavior of sessions is never to
> time out."
>
> Currently the timeout value is set to 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/3/15 8:28 AM, theo.swe...@avios.com wrote:
> Thanks Chris - that pointer is very helpful.
>
> Can you clarify by setting session-timeout to 0, implies after 60
> seconds the session will expire or does it imply the same as -1,
> that
net>
To: Tomcat Users List <users@tomcat.apache.org>,
Date: 01/09/2015 17:23
Subject: Re: Tomcat 8 Session Timeout
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/1/15 4:29 AM, theo.swe...@avios.com wrote:
> Mark - I took a look at the Manager How To Guide as seen he
;ch...@christopherschultz.net>
To: Tomcat Users List <users@tomcat.apache.org>,
Date: 28/08/2015 19:09
Subject: Re: Tomcat 8 Session Timeout
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 8/28/15 12:08 PM, theo.swe...@avios.com wrote:
> Hello - currently HTTP sessions
mand line mechanism to gracefully terminate sessions?
No, but you can use the Manager app to view session contents and expire
the sessions.
Mark
>
> Theo
>
>
>
>
> From: Mark Thomas <ma...@apache.org>
> To: Tomcat Users List <users@tomcat.apache.org>,
>
org>
To: Tomcat Users List <users@tomcat.apache.org>,
Date: 28/08/2015 19:13
Subject: Re: Tomcat 8 Session Timeout
On 28/08/2015 12:08, theo.swe...@avios.com wrote:
> Hello - currently HTTP sessions are configured to timeout after 120
> seconds, in $CATALINA
:8080/manager/text/expire?path=/examples=0
Do you know if a wildcard can be used for the app name?
Theo
From: Mark Thomas <ma...@apache.org>
To: Tomcat Users List <users@tomcat.apache.org>,
Date: 01/09/2015 09:02
Subject: Re: Tomcat 8 Session Timeout
On 01/0
<ma...@apache.org>
> To: Tomcat Users List <users@tomcat.apache.org>,
> Date: 01/09/2015 09:02
> Subject:Re: Tomcat 8 Session Timeout
>
>
>
> On 01/09/2015 08:53, theo.swe...@avios.com wrote:
>> Hi Mark
>>
>> Tomcat version?
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 9/1/15 4:29 AM, theo.swe...@avios.com wrote:
> Mark - I took a look at the Manager How To Guide as seen here -
>
> https://tomcat.apache.org/tomcat-8.0-doc/manager-howto.html#Expire_Ses
sions
>
> It mentions that it's possible to expire
Hello - currently HTTP sessions are configured to timeout after 120
seconds, in $CATALINA_BASE/conf/web.xml
session-config
session-timeout2/session-timeout
/session-config
However this is not being honoured by the web services, where many session
are lasting longer.
From what I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Theo,
On 8/28/15 12:08 PM, theo.swe...@avios.com wrote:
Hello - currently HTTP sessions are configured to timeout after 120
seconds, in $CATALINA_BASE/conf/web.xml
session-config session-timeout2/session-timeout
/session-config
I'd highly
On 28/08/2015 12:08, theo.swe...@avios.com wrote:
Hello - currently HTTP sessions are configured to timeout after 120
seconds, in $CATALINA_BASE/conf/web.xml
session-config
session-timeout2/session-timeout
/session-config
However this is not being honoured by the web
-up-tomcat-cluster-for-session-replication/
mentions
Does it mean DeltaManager was not properly loaded?
2) Tomcat docs says All your session attributes must implement
java.io.Serializable and I am not sure about it. Below my index.jsp is
listed.
It an attribute is not a Serializable
/examples to cluster element Engine with name
server_name
org.apache.catalina.ha.session.DeltaManager start
INFO: Starting clustering manager at /examples
as blog post
http://blogs.agilefaqs.com/2009/11/09/setting-up-tomcat-cluster-for-session-replication/
mentions
Does it mean DeltaManager
I've found that certain applications will no longer invalidate
sessions after upgrading from 7.0.53 to 7.0.54.
It seems to require clustering to be set up in Tomcat. If it's not set
up, session invalidation works fine.
So far, I can only trigger it in a webapp that uses Tapestry Spring Security.
2014-05-29 11:58 GMT+04:00 David Rees dree...@gmail.com:
I've found that certain applications will no longer invalidate
sessions after upgrading from 7.0.53 to 7.0.54.
It seems to require clustering to be set up in Tomcat. If it's not set
up, session invalidation works fine.
So far, I can
On Thu, May 29, 2014 at 8:51 AM, Konstantin Kolinko
knst.koli...@gmail.com wrote:
2014-05-29 11:58 GMT+04:00 David Rees dree...@gmail.com:
I've found that certain applications will no longer invalidate
sessions after upgrading from 7.0.53 to 7.0.54.
It seems to require clustering to be set up
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David,
On 5/29/14, 3:12 PM, David Rees wrote:
On Thu, May 29, 2014 at 8:51 AM, Konstantin Kolinko
knst.koli...@gmail.com wrote:
2014-05-29 11:58 GMT+04:00 David Rees dree...@gmail.com:
I've found that certain applications will no longer
On Thu, May 29, 2014 at 12:16 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Do you mean that you have a web application that does this:
session.invalidate();
session = request.getSession(true);
... and the old session is in fact not invalidated?
Yes. Specifics to make this
On Thu, May 29, 2014 at 12:39 PM, David Rees dree...@gmail.com wrote:
Yes. Specifics to make this happen seem to be:
TC 7.0.54 in a cluster, Tapestry 5.2.6 + Tapestry Spring Security.
OK, I was wrong, no Tapestry or Spring Security is required, just a
couple JSPs are required to reproduce.
On Thu, May 29, 2014 at 6:16 PM, David Rees dree...@gmail.com wrote:
I'll open a ticket with these details, too.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56578
-Dave
-
To unsubscribe, e-mail:
2014-03-10 10:58 GMT+04:00 Akash Jain akash.delh...@gmail.com:
Christopher,
I have changed in server.xml. Below is the server.xml part -
Context path=
docBase=ROOT
sessionCookieName=mycookie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Konstantin,
On 3/11/14, 8:46 AM, Konstantin Kolinko wrote:
2014-03-10 10:58 GMT+04:00 Akash Jain akash.delh...@gmail.com:
Christopher,
I have changed in server.xml. Below is the server.xml part -
Context path= docBase=ROOT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Akash,
On 3/10/14, 1:03 AM, Akash Jain wrote:
As documented in
https://tomcat.apache.org/tomcat-5.5-doc/config/manager.html#Disable_Session_Persistence,
I added the following code piece to disable session persistence in
Tomcat 7.
Manager
Christopher,
I have changed in server.xml. Below is the server.xml part -
Context path=
docBase=ROOT
sessionCookieName=mycookie
sessionCookieDomain=myapp.mydomain.com
As documented in
https://tomcat.apache.org/tomcat-5.5-doc/config/manager.html#Disable_Session_Persistence,
I added the following code piece to disable session persistence in
Tomcat
7.
Manager pathname= /
After this change I can see that SESSIONS.ser is not getting created
Hi,
На понеделник, 10 март 2014 г. Akash Jain akash.delh...@gmail.com написа:
As documented in
https://tomcat.apache.org/tomcat-5.5-doc/config/manager.html#Disable_Session_Persistence
,
I added the following code piece to disable session persistence in
Tomcat
7.
What is the exact version
#Disable_Session_Persistence
,
I added the following code piece to disable session persistence in
Tomcat
7.
What is the exact version of Tomcat?
The correct documentation for Tomcat 7 is [1].
Regards,
Violeta
[1]
http://tomcat.apache.org/tomcat-7.0-doc/config/manager.html
2013/1/30 Josh Gooding josh.good...@gmail.com:
As usual, I am always working with Tomcat to tweak every ounce of oomph
out of it and I ran across this scenario in my configuration trials.
At present, I have a small 3 server tomcat cluster running 7.0.30 64-bit on
CentOS, and jdk6. I want to
As usual, I am always working with Tomcat to tweak every ounce of oomph
out of it and I ran across this scenario in my configuration trials.
At present, I have a small 3 server tomcat cluster running 7.0.30 64-bit on
CentOS, and jdk6. I want to move the project from having to use kill -9
(for
: RE: Tomcat clustering session attribute is changed without request
Hi,
Replication of the attributes is done by the cluster valve.
http://tomcat.apache.org/tomcat-6.0-doc/config/cluster-valve.html
If you manage to call that code from your own application, than you can do
what you want
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul,
On 10/24/2011 7:28 AM, Hodchenkov, Paul wrote:
2) AFAIK tomcat fires onSessionDestroyed event when some node in
cluster is stopped gracefully. However, in my environment I don't
observe such behavior.
Is that really what you want? Taking
Hi, thx for the response.
Yes, it's ok for me that sessions are not expired(session continue to live on
another node) and onsessiondestroyed is not called when one node is stopped.
The actual reason why i asked this question was that many folks complained that
tomcat always fired
.
So, is there any way to force the replication of HttpSession?
-Original Message-
From: Pid [mailto:p...@pidster.com]
Sent: Monday, October 24, 2011 4:08 PM
To: Tomcat Users List
Subject: Re: Tomcat clustering session attribute is changed without request
On 24/10/2011 14:05, Hodchenkov
List
Subject: Re: Tomcat clustering session attribute is changed without request
On 24/10/2011 14:05, Hodchenkov, Paul wrote:
Hi,
Thanks for the reply!
- What does 'stores session map in memory' actually mean?
It's ConcurrentMapString, HttpSession map which is filled by HttpListener.
I
Hi all,
I have configured tomcat 7 cluster by using [1] with DeltaManager and it works
fine.
However I have the following 2 questions:
1) My application stores session map in memory(admin can force logout of
any user and change some session attribute). Will this session attribute be
Op maandag, 24 oktober 2011 12:55 schreef Hodchenkov, Paul
paul.hodchen...@oxagile.com:
Hi all,
I have configured tomcat 7 cluster by using [1] with DeltaManager and it works
fine.
However I have the following 2 questions:
1) My application stores session map in
List
Subject: Re: Tomcat clustering session attribute is changed without request
Op maandag, 24 oktober 2011 12:55 schreef Hodchenkov, Paul
paul.hodchen...@oxagile.com:
Hi all,
I have configured tomcat 7 cluster by using [1] with DeltaManager and it
works fine.
However I have
On 24/10/2011 11:55, Hodchenkov, Paul wrote:
Hi all,
I have configured tomcat 7 cluster by using [1] with DeltaManager and it
works fine.
However I have the following 2 questions:
1) My application stores session map in memory(admin can force logout of
any user and change some
in this case?
What is the benefit of using JMX connection to access the session instead of
HttpListener in this case?
-Original Message-
From: Pid [mailto:p...@pidster.com]
Sent: Monday, October 24, 2011 3:59 PM
To: Tomcat Users List
Subject: Re: Tomcat clustering session attribute is changed
-Original Message-
From: Pid [mailto:p...@pidster.com]
Sent: Monday, October 24, 2011 3:59 PM
To: Tomcat Users List
Subject: Re: Tomcat clustering session attribute is changed without request
On 24/10/2011 11:55, Hodchenkov, Paul wrote:
Hi all,
I have configured tomcat 7 cluster
On 05.10.2011 16:41, Tobias Quosigk wrote:
I'm running 2 servers with Tomcat 6.0.33 and session replication.
Tomcat session replication only works with Tomcat starting the first time
the server (Windows Server 2008 R2 64-bit) boots.
When I stop and then start the Tomcat service via Windows
I'm running 2 servers with Tomcat 6.0.33 and session replication.
Tomcat session replication only works with Tomcat starting the first time the
server (Windows Server 2008 R2 64-bit) boots.
When I stop and then start the Tomcat service via Windows Services, session
replication will no longer
Hi Chris,
as I said in one of my previous mail, I'm not able to reproduce the
error anymore. I'm trying to figuring out what's changed (some commit
made by someone of our team), and next week I'll test it on some other
test environments. I'm trying to collect all the details to send you
accurate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Diego,
On 6/1/2011 6:27 AM, Diego Ruotolo wrote:
BTW, in my previous mails I tell you about the architecture used in our
webapp, I send you the HTTP logs as returned by the access log valve and
The logs are not useful, since they don't contain
1 - 100 of 167 matches
Mail list logo