Thanks!
The problem as far as I can tell is a simple mixup of http requests
so user identities don't play into this. It might look like it since
user A is getting the results of user B but as far as session
management goes it is unaffected by this.
The URLs are very short.
This happens at random. This only starts to happen after the server
has been running for a while - it's as if some resource is being
consumed and once it's done this problem starts emerging.
When it starts happening it happens to all users.
What leads me to believe this is unrelated to my application code is
that restarting apache makes the problem go away. User data is
managed on the session object and I am not interfering with it in any
way (no direct cookie code).
This is also the reason I believe tomcat only will work. Also we have
been running for sometime in a tomcat only mode and never had this
problem (which is not definite evidence, i know).
The reason I am not jumping to proxy_http is that the application is
currently using IP geo location which I suspect will not be available
once we are behind a http proxy. We will be shutting off this
functionality just so we can switch to proxy_http but it takes a few
day to test.
Yuval
On Feb 11, 2009, at 4:38 AM, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yuval,
On 2/10/2009 3:44 PM, Yuval Perlov wrote:
We started restarting apache on a regular basis but if a user is in
mid
request (consider a user that just filled a big form and is upload
a file).
So it appears that Apache is, over time, losing track of user
identities? That seems odd since neither mod_jk nor Apache httpd
actually do anything but forward the identity information from the
browser to Tomcat. Either an HTTP cookie or a URL parameter is used to
identify sessions, and both are provided with every request.
Do you have unusually long URLs? Unusually long request bodies? I'm just
trying to think of why any data would be mixed-up.
Does this happen seemingly randomly, or only for certain pages on your
site? Certain source IP addresses? We had some users that were getting
all messed up before we recognized that they were doing through google's
cache which was seriously confusing just about everything. Fortunately,
we could see from our server logs that some requests came from the
/real/ remote user and others came from google's domain.
Otherwise, all I can think of is that you have some bug in your
application <shrug>. How are you doing authentication? How about user
identification - aside from relying on session data in Tomcat.
We are contemplating two approaches:
1) moving to proxy_http. My only concern is that this won't help -
maybe
the problem is unrelated to AJP? Upgrading has helped some users
but not
all and the problem exists in both mod_jk and proxy_ajp.
Trying mod_proxy_http will certainly give you more information. Can you
reproduce this problem in a safe environment?
2) getting rid of apache and moving tomcat to the front (much
harder to
configure but ensures we are rid of this problem).
Are you /sure/ that a Tomcat-only setup doesn't exhibit this problem?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmSOi0ACgkQ9CaO5/Lv0PBpiwCdH2pRuaVP7TRl7E6tOqZbkUQM
yuUAniM9m8+Mo9aWiu2G8XQcZjXf2W/M
=l0Xk
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
