I`m working on migration from tomcat 6 to tomcat 8. On tomcat 8 the following
warning occurs when the session is expired or the user signed out:
WARN [org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO unable
to expire session [Host: [localhost], Context: [/appName], SessionID:
[cookieId]] because the Session could not be found
I found that in Tomcat 6 session registers like the following:
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Registering sso
id 'E16F95304C7A0571A392C49BBB5B2B28' for user 'root' with auth type 'FORM'
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Associate sso
id E16F95304C7A0571A392C49BBB5B2B28 with session
StandardSession[68B9BFEC646992D572DEDFBB0BA29BDC]
And then session destroys as the following:
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Process session
destroyed on StandardSession[68B9BFEC646992D572DEDFBB0BA29BDC]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Deregistering
sso id 'E16F95304C7A0571A392C49BBB5B2B28'
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Process session
destroyed on StandardSession[CC36C13B089873D8BCEF2CBAFA1552F5]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] Process session
destroyed on StandardSession[DAC33294278B915C464EDFF0387A5E8D]
Everything looks fine.
In Tomcat 8 session registers listed below:
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO registering
SSO session [F869098E903E96139B95170742C613E8] for user [root] with
authentication type [FORM]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO associating
application session [StandardSession[9B741874689B4C8A1296D5BB86B841D0]] with
SSO session [F869098E903E96139B95170742C613E8]
And when the session has to be destroyed the following messages occurs:
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO processing
a log out for SSO session [F869098E903E96139B95170742C613E8] and application
session [StandardSession[A88E8761E6F82CF38ED79590D1FED84D]]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO expiring
application session [Host: [localhost], Context: [/AppName1], SessionID:
[AE27B6B1C4E9C26E7C298A4E1DB7DC27]] associated with SSO session
[F869098E903E96139B95170742C613E8]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO processing
a log out for SSO session [F869098E903E96139B95170742C613E8] and application
session [StandardSession[AE27B6B1C4E9C26E7C298A4E1DB7DC27]]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO failed to
deregister the SSO session [F869098E903E96139B95170742C613E8] because it was
not in the cache
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO expiring
application session [Host: [localhost], Context: [/AppName2], SessionID:
[9B741874689B4C8A1296D5BB86B841D0]] associated with SSO session
[F869098E903E96139B95170742C613E8]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO processing
a log out for SSO session [F869098E903E96139B95170742C613E8] and application
session [StandardSession[9B741874689B4C8A1296D5BB86B841D0]]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO failed to
deregister the SSO session [F869098E903E96139B95170742C613E8] because it was
not in the cache
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO expiring
application session [Host: [localhost], Context: [/AppName3], SessionID:
[A88E8761E6F82CF38ED79590D1FED84D]] associated with SSO session
[F869098E903E96139B95170742C613E8]
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost]] SSO unable to
expire session [Host: [localhost], Context: [/AppName3], SessionID:
[A88E8761E6F82CF38ED79590D1FED84D]] because the Session could not be found
I also found the tomcat's function that destroys sessions. The messaging should
look something like this:
1. SSO processing a log out for SSO session [{0}] and application session
[{1}]
2. SSO expiring application session [{0}] associated with SSO session
[{1}]
But as you can see above, the only "AppName1" starts with the "SSO
processing...", the others starts with "SSO expiring...", and "AppName1" ends
up with a warning message.
Could it be related to session association thing? How to switch them and set
like in tomcat 6?
Or may it be related to something else and if it so where should I look?
