Martin, I think there might be a bit of a misunderstanding - America Online (AOL) isn't a server under my control - it's an ISP from which some of my customers come.
Daniel > -----Original Message----- > From: Martin Gainty [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 10, 2006 9:07 AM > To: Tomcat Users List; [EMAIL PROTECTED] > Subject: Re: AOL > > Good Morning Dan- > > It seems you're going thru alot more work because of session > expiration issues Do you know if AOL supports 'sticky' sessions? > > Thanks, > > M- > This e-mail communication and any attachments may contain > confidential and privileged information for the use of the > designated recipients named above. If you are not the > intended recipient, you are hereby notified that you have > received this communication in error and that any review, > disclosure, dissemination, distribution or copying of it or > its contents > ----- Original Message ----- > From: "Daniel Blumenthal" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" <users@tomcat.apache.org> > Sent: Tuesday, October 10, 2006 9:00 AM > Subject: RE: AOL > > > > Good morning Martin, > > > > Have I misunderstood? The issue isn't switching from using > Apache as > > a front end (for now), but rather that America Online (AOL) > uses proxy > > banks, so that every request comes in with an arbitrary IP > address. > > This is causing two problems: > > > > 1) Users are logged in on some pages, but not on others, because > > they're being sent to different application servers > > 2) Extra sessions are getting created > > > > I've mostly solved the first problem by using cookies, and > keeping a > > username/hashed password. The second one looks a bit trickier. > > > > As Stefan pointed out: > > > >> The IP is that of the last proxy, which does not have to > be the same > > between requests. > >> But it is almost always from the same range, belonging to > the provider. > > > > The IP addresses are generally of the form A.B.C.xx, where > A, B, and C > > don't change. So ideally there would be a way to allow sessionID > > verification to only check those first three numbers. This > is probably an Apache problem. > > > > Daniel > > > > > >> -----Original Message----- > >> From: Martin Gainty [mailto:[EMAIL PROTECTED] > >> Sent: Tuesday, October 10, 2006 8:37 AM > >> To: Tomcat Users List; [EMAIL PROTECTED] > >> Subject: Re: AOL > >> > >> Good Morning Dan > >> > >> From what I see alot of folks are using Hardware accelerators to > >> overcome inherent delay introduced by front ending with apache To > >> clarify everyone's understanding What does AOL bring to your > >> environment and How does AOL server configure in your environment? > >> If I had to speculate I would suggest a possible misconfig > with one > >> or more of your proxy but I would need to know more of the > >> features/functions that AOL brings > >> > >> Thanks, > >> Martin-- > >> This e-mail communication and any attachments may contain > >> confidential and privileged information for the use of the > designated > >> recipients named above. If you are not the intended recipient, you > >> are hereby notified that you have received this communication in > >> error and that any review, disclosure, dissemination, > distribution or > >> copying of it or its contents > >> ----- Original Message ----- > >> From: "Daniel Blumenthal" <[EMAIL PROTECTED]> > >> To: "'Tomcat Users List'" <users@tomcat.apache.org> > >> Sent: Tuesday, October 10, 2006 2:12 AM > >> Subject: AOL > >> > >> > >> > We just switched from a single server to a cluster, with a load > >> > balancer out front to manage incoming connections. The > >> load balancer > >> > makes the decision to go to app server 1 (app1) or app > >> server 2 (app2) > >> > based on IP address - once a request comes in from one > >> source IP, all > >> > future requests (for some period of time) go to the same server. > >> > > >> > The problem is that it appears that AOL will randomly > assign an IP > >> > address to every request a user sends. So a user could end > >> up going > >> > to both servers. > >> > > >> > With the exception of user login data, the code is > >> reentrant, but I've > >> > had to store login information as cookies (max age = -1 > so only for > >> > the current > >> > session) so that the user will automatically log in to the other > >> > server if/when they hit it. Although this approach seems > >> to work, it > >> > also has some problems, and I was wondering if others had > >> encountered > >> > this problem, and if there was a "standard" solution. > >> > > >> > > >> > > >> > > >> > > > > > > > > > > --------------------------------------------------------------------- > > To start a new topic, e-mail: users@tomcat.apache.org > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
