strugglejl / memcached-session-manager

Automatically exported from code.google.com/p/memcached-session-manager
0 stars 0 forks source link

Non-sticky sessions with cookies=“false” not supported #161

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
This was reported on stackoverflow 
(http://stackoverflow.com/questions/15755851/nginx-and-tomcat-with-memcached-ses
sion-manager-config-context-cookies-false):

I had some tomcat7 with memcached session manager, use nginx to proxy tomcats, 
it's ok.

When using non-sticky sessions and adding cookies="false" to tomcat context, 
one will loose sessions on every access (with jsessionid in url) with multiple 
tomcats (e.g. proxied by nginx).

This was the observation according to logs:

Nginx just proxy only one tomcat with config of cookies=“false”, 
first request, msm didn't backup session into memcached, 
next request with jsessionid in url, find session in tomcat, msm backup the 
session now.

If nginx proxy two tomcats with config of cookies=“false”,
first request, nginx proxy to TomcatA, login is ok, response 
sessionid(TomcatA), but msm didn't backup it into memcached,
next request, nginx proxy to TomcatB with sessionid(TomcatA) in url, there is 
not session in tomcat or memcached, so TomcatB create a new session,
third request, nginx proxy to TomcatA with sessionid(TomcatB's new session).
So, it always keep and share the session between two tomcat.

Original issue reported on code.google.com by martin.grotzke on 7 Apr 2013 at 9:37

GoogleCodeExporter commented 8 years ago
I could not reproduce the issue. With tomcat context attribute cookies="false" 
and jsessionid in the url (before any request params, e.g. 
http://localhost:8081/list;jsessionid=0283694EB586D6AE53628A3FA7505DE4-n2 or 
http://localhost:8081/put;jsessionid=0283694EB586D6AE53628A3FA7505DE4-n2?foo=bar
) everything works as expected.

Original comment by martin.grotzke on 14 Jun 2013 at 10:50

GoogleCodeExporter commented 8 years ago
My test was wrong, it seems that with context attribute cookies="false" and no 
cookie sent to the browser msm indeed does not detect the created session. So 
this is still open / to be fixed.

Original comment by martin.grotzke on 14 Jun 2013 at 11:53

GoogleCodeExporter commented 8 years ago

Original comment by martin.grotzke on 14 Jun 2013 at 11:55