We have some strange behavior going on, probably due to the strange setup one of our customers use. Before I get into it, some facts:
Running Apache 1.3.27 with mod_jk 1.2.1 on two Redhat Linux servers talking to 4 Tomcat 4.0.5 instances. The Tomcats are running 2 per server on Sun Solaris 8 boxes using Sun's JDK 1.4.1. The Apache's are load-balancing to the Tomcats and we have a Cisco load-balancer in front of the Apache servers. Here is where it gets messy: the client is using IE 5.5 running on a Citrix terminal server. They are using multiple stations within a location and using the same account! So, user goes to station 1, logs in, does their business, then leaves the station without explicitely logging out of the app. They go to station 2, login, do their thing there then leaves....etc. On top of this, there are other users who use the same stations but use different browser windows and different logins. The problem is that the user complains of having to re-login to station 1 after "a couple of hours" when he comes back to use the session he left open previously. Of course, with roughly 200 users at this site, we have only had 2 complaints of this behavior but we are doing "due diligence" to figure out what is going on. It looks like the browser is getting "confused" about which session cookie is the right one for the session and it sends the wrong cookie, thereby getting the "invalidated session, please login again" screen. Can anyone shed any light on how this sort of behavior might cause session timeouts because of mishandled cookies? How does IE 5.x know that a cookie is for this particular window, let's say, and not another? Are cookies tied to windows? Being a Unix sysadmin, I can only look out Windows (TM); I don't use them. Any info would be appreciated. Ben Ricker -- Ben Ricker <[EMAIL PROTECTED]> Wellinx.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
