And have you set jvmRoute parameter in the server.xml file on the tomcats to match the route value you use in the balancer?
Maybe read the following section of the mod_proxy_balancer carefully to make sure all the dependencies are meat: http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html#stickyness_implementation Igor On Thu, Jan 12, 2012 at 8:42 AM, Daniel Mikusa <dmik...@vmware.com> wrote: > On Wed, 2012-01-11 at 10:21 -0800, Weffen Cheung wrote: > > Hello, > > > > First Thanks for your reply, Dan. > > > > 1. Yes, I am using apache2+mod_proxy in front of the two tomcats, here > are the configuration in httpd.conf: > > > > ProxyPass /images/ ! > > ProxyPass /css/ ! > > ProxyPass /js/ ! > > ProxyPass /photo/ ! > > ProxyPass /icon/ ! > > ProxyPass /pg/ ! > > ProxyPass /job/ ! > > ProxyPass /maintenance/ ! > > ProxyRequests Off > > > > <Proxy balancer://cluster/> > > BalancerMember ajp://localhost:8009/ route=tomcat > loadfactor=1 > > BalancerMember ajp://localhost:8010/ route=tomcat2 > loadfactor=1 > > </Proxy> > > ProxyPass / balancer://cluster/ stickysession=JSESSIONID > nofailover=On > > ProxyPassReverse / balancer://cluster/ > > > > 2. I am not sure that whether the problem occurs on the same tomcat, > because I have no any idea to confirm that. Could you give me any tips to > find it out? > > It will take a bit of work, but here are two possibility... > > If you are able to talk with the user when the problem occurs, try to > get some information from the user: the time the problem happened, the > resource that was accessed or anything else that can be used to identify > the request in the logs. > > Once you have that information, you'll need to look at the access logs > to find the user's request and see which machine the request was sent > to. > > Alternatively, if you can get the session id of the problem request, it > should have the route appended to the end of it. That would also tell > you which machine the request was sent to. > > > This problem occurs occasionally, and I really don't know whether it is > because of the session duplication or tomcat session manager itself. > > As I mentioned before, the most likely cause is due to a session, > request or response object being retained by one of your application's > servlets. Doing this can cause problems very similar to the one that > you are reporting. > > You should check your application to make sure that you never assign the > session, request or response objects to a field on your Servlet objects. > This is not thread safe and can cause a problem very similar to you are > reporting. > > Dan > > > > > > 3. But one thing I am sure is that the two users use different PC to > login, which means that cookie is not the reason at all. > > > > Any fellows have such a problem? This problem is so bad that it has > dried me and my visitors crazy, which is a big security problem! > > > > Any advice is high appreciated! > > > > Thanks in advance! > > > > > > Weffen > > > > > > 在 2012-1-11,下午9:52, Daniel Mikusa 写道: > > > > > On Wed, 2012-01-11 at 02:29 -0800, Weffen Cheung wrote: > > >> Hello, > > >> > > >> I am using 2 tomcat(7.0.11) on my server, with clustering and session > duplication. All the things are running smoothy except the session problem > sometimes: > > >> > > >> 1. userA login, userB login > > > > > > Are userA and userB on the same TC instance? > > > > > >> 2. Sometimes when userB load a page, he found that he has became > userA, it means that userB's login session data has been replaced with > userA. Don't know why. Is it a bug? > > > > > > In most cases this occurs due to a session, request or response object > > > being retained by a servlet. This is bad and can cause behaviors > > > similar to the one you are reporting. > > > > > >> Anyone encounter the same problem?? > > >> > > >> Any advice would be high appreciated! > > > > > > One other thought, what do you have in front of the two TC instances? > > > Apache HTTPD with mod_proxy? or with mod_jk? > > > > > > Have you confirmed that the correct session id is being sent from the > > > browser to your load balancer and then from the load balancer to your > TC > > > instance? > > > > > > Dan > > > > > > -- > > Weffen Cheung > > E: wef...@gmail.com > > M: 13802222618 > > > > > > >
