But you said you are using Apache as front end right? And here you are using mod_proxy_balancer to reverse-proxy right?
> ProxyPass / balancer://cluster/ stickysession=JSESSIONID nofailover=On > ProxyPassReverse / balancer://cluster/ > You use sticky sessions on your proxy based on the JSESSIONID right? So the point is the balancer in your Apache frontend proxy should have the parameters synchronized with your backend Tomcat servers otherwise your sessions might end up on a wrong Tomcat server when proxying. Hope this makes sense?! Igor On Thu, Jan 12, 2012 at 12:35 PM, Selvakumar Subramanian < sselvakum...@gmail.com> wrote: > Hi Igor, > > Thanks for your reply...We are using apache tomact not the http > server....Hope the below parameter is to be used for apache http server > right? Pls correct me, if i am wrong in understanding > > Thanks > Selva > > On Wed, Jan 11, 2012 at 6:34 PM, Igor Cicimov <icici...@gmail.com> wrote: > > > And have you set jvmRoute parameter in the server.xml file on the tomcats > > to match the route value you use in the balancer? > > > > Maybe read the following section of the mod_proxy_balancer carefully to > > make sure all the dependencies are meat: > > > > > > > http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html#stickyness_implementation > > > > > > Igor > > On Thu, Jan 12, 2012 at 8:42 AM, Daniel Mikusa <dmik...@vmware.com> > wrote: > > > > > On Wed, 2012-01-11 at 10:21 -0800, Weffen Cheung wrote: > > > > Hello, > > > > > > > > First Thanks for your reply, Dan. > > > > > > > > 1. Yes, I am using apache2+mod_proxy in front of the two tomcats, > here > > > are the configuration in httpd.conf: > > > > > > > > ProxyPass /images/ ! > > > > ProxyPass /css/ ! > > > > ProxyPass /js/ ! > > > > ProxyPass /photo/ ! > > > > ProxyPass /icon/ ! > > > > ProxyPass /pg/ ! > > > > ProxyPass /job/ ! > > > > ProxyPass /maintenance/ ! > > > > ProxyRequests Off > > > > > > > > <Proxy balancer://cluster/> > > > > BalancerMember ajp://localhost:8009/ route=tomcat > > > loadfactor=1 > > > > BalancerMember ajp://localhost:8010/ route=tomcat2 > > > loadfactor=1 > > > > </Proxy> > > > > ProxyPass / balancer://cluster/ stickysession=JSESSIONID > > > nofailover=On > > > > ProxyPassReverse / balancer://cluster/ > > > > > > > > 2. I am not sure that whether the problem occurs on the same tomcat, > > > because I have no any idea to confirm that. Could you give me any tips > to > > > find it out? > > > > > > It will take a bit of work, but here are two possibility... > > > > > > If you are able to talk with the user when the problem occurs, try to > > > get some information from the user: the time the problem happened, the > > > resource that was accessed or anything else that can be used to > identify > > > the request in the logs. > > > > > > Once you have that information, you'll need to look at the access logs > > > to find the user's request and see which machine the request was sent > > > to. > > > > > > Alternatively, if you can get the session id of the problem request, it > > > should have the route appended to the end of it. That would also tell > > > you which machine the request was sent to. > > > > > > > This problem occurs occasionally, and I really don't know whether it > is > > > because of the session duplication or tomcat session manager itself. > > > > > > As I mentioned before, the most likely cause is due to a session, > > > request or response object being retained by one of your application's > > > servlets. Doing this can cause problems very similar to the one that > > > you are reporting. > > > > > > You should check your application to make sure that you never assign > the > > > session, request or response objects to a field on your Servlet > objects. > > > This is not thread safe and can cause a problem very similar to you are > > > reporting. > > > > > > Dan > > > > > > > > > > > > > > 3. But one thing I am sure is that the two users use different PC to > > > login, which means that cookie is not the reason at all. > > > > > > > > Any fellows have such a problem? This problem is so bad that it has > > > dried me and my visitors crazy, which is a big security problem! > > > > > > > > Any advice is high appreciated! > > > > > > > > Thanks in advance! > > > > > > > > > > > > Weffen > > > > > > > > > > > > 在 2012-1-11,下午9:52, Daniel Mikusa 写道: > > > > > > > > > On Wed, 2012-01-11 at 02:29 -0800, Weffen Cheung wrote: > > > > >> Hello, > > > > >> > > > > >> I am using 2 tomcat(7.0.11) on my server, with clustering and > > session > > > duplication. All the things are running smoothy except the session > > problem > > > sometimes: > > > > >> > > > > >> 1. userA login, userB login > > > > > > > > > > Are userA and userB on the same TC instance? > > > > > > > > > >> 2. Sometimes when userB load a page, he found that he has became > > > userA, it means that userB's login session data has been replaced with > > > userA. Don't know why. Is it a bug? > > > > > > > > > > In most cases this occurs due to a session, request or response > > object > > > > > being retained by a servlet. This is bad and can cause behaviors > > > > > similar to the one you are reporting. > > > > > > > > > >> Anyone encounter the same problem?? > > > > >> > > > > >> Any advice would be high appreciated! > > > > > > > > > > One other thought, what do you have in front of the two TC > instances? > > > > > Apache HTTPD with mod_proxy? or with mod_jk? > > > > > > > > > > Have you confirmed that the correct session id is being sent from > the > > > > > browser to your load balancer and then from the load balancer to > your > > > TC > > > > > instance? > > > > > > > > > > Dan > > > > > > > > > > > > -- > > > > Weffen Cheung > > > > E: wef...@gmail.com > > > > M: 13802222618 > > > > > > > > > > > > > > > > > >
