|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2007
/
2007-09
/
jsessionid as hidden parameter - like /styles/div.css;jsessionid=F07D663CA96E1AD6EAE14400353B89D5.jvm3
[
HTTPS for multiple domains / aT ... ]
[
Pound ISSUE / Adrian Bucur ... ]
jsessionid as hidden parameter - like /styles/div.css;jsessionid=F07D663CA96E1AD6EAE14400353B89D5.jvm3
notbuu <notbuu(at)gmail.com> |
2007-09-03 13:45:30 |
[ SNIP ]
|
hello at all!
i have an configuration problem with session tracking based on jsessionid.
normaly jsessionid is set per client cookie. if i define an session config
with type cookie and id "jsessionid" all is working without any problems.
but, if the client has disabled cookies the session id is posted within the
url as hidden parameter like:
/zzzzzz/images/locale/de_AT.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3
pound does not recognize this sessionid and shots the client requests to
different backends.
here is an logfile output
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/styles/styles.css;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend1:8080) 0.004 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/styles/input.css;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend3:8080) 0.002 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/styles/nav.css;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend1:8080) 0.002 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/styles/div.css;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/scripts/overlib.js;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend3:8080) 0.007 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/scripts/overlib_hideform.js;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend1:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/scripts/scripts.js;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.004 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/testserver_logo_126x40.jpg;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/cs_CZ.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend4:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/de_AT.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.002 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/de_DE.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend4:8080) 0.001 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/en_US.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.001 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/hr_HR.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.002 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/nl_NL.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend1:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/hu_HU.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend1:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/pl_PL.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend3:8080) 0.003 sec
Sep 3 13:32:18 p2 pound: client1 GET
/zzzz/images/locale/sk_SK.gif;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend3:8080) 0.002 sec
Sep 3 13:32:18 p2 pound: client1 GET /zzzz/images/zzzz.ico;jsessionid=
F07D663CA96E1AD6EAE14400353B89D5.jvm3 HTTP/1.1 - HTTP/1.1 200 OK
(pound:8080/- -> backend2:8080) 0.004 sec
can anyone help me?
as you can see, the client requests are sent to all backends - but all with
the same sessionid. the client
is not fixed to one backend.
thank you for all your help!
mario
|
|
|
|
|
Re: [Pound Mailing List] jsessionid as hidden parameter - like /styles/div.css;jsessionid=F07D663CA96E1AD6EAE14400353B89D5.jvm3
Robert Segall <roseg(at)apsis.ch> |
2007-09-13 18:19:09 |
[ SNIP ]
|
On Mon, 2007-09-03 at 13:45 +0200, notbuu wrote:
> hello at all!
>
> i have an configuration problem with session tracking based on jsessionid.
>
> normaly jsessionid is set per client cookie. if i define an session config
> with type cookie and id "jsessionid" all is working without any problems.
>
> but, if the client has disabled cookies the session id is posted within the
> url as hidden parameter like:
> /zzzzzz/images/locale/de_AT.gif;jsessionid=
> F07D663CA96E1AD6EAE14400353B89D5.jvm3
>
> pound does not recognize this sessionid and shots the client requests to
> different backends.
I wonder how does your browser deal with this parameter? After all it
needs to get it and send it back to the server.
Adding a session option to support this would not be too difficult, but
is it worth it? Who needs this?
--
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-44-920 4904
|
|
|
Re: [Pound Mailing List] jsessionid as hidden parameter - like /styles/div.css;jsessionid=F07D663CA96E1AD6EAE14400353B89D5.jvm3
"Ted Dunning" <tdunning(at)veoh.com> |
2007-09-13 20:01:24 |
[ SNIP ]
|
This is a very common mechanism on Tomcat based servers.
On 9/13/07 9:19 AM, "Robert Segall" <roseg(at)apsis.ch> wrote:
> ...[cookies disabled pushes jsessionid into query string] ...
> Adding a session option to support this would not be too difficult, but
> is it worth it? Who needs this?
|
|
|
|
|
Re: [Pound Mailing List] jsessionid as hidden parameter - like /styles/div.css;jsessionid=F07D663CA96E1AD6EAE14400353B89D5.jvm3
notbuu <notbuu(at)gmail.com> |
2007-09-14 11:12:39 |
[ SNIP ]
|
hello!
thank you for all the answers!
yes, this is an big need for us because we are using pound as loadbalancer
for a big tomcat farm and tomcat clusters.
currently it works with the cookie option, but if a client has cookies
denied he could not login to the application.
the applications are using cookies as primary storage place for the
jsessionid. if this is not possible the application passes the jsessionid to
the client via hidden parameter.
we are using pound as load balancer because it is more scaleable as an
apache ajp13 load balancer.
apache is slowing down if there are more den 650 active sessions. as i have
read in the apache documentation
the newer module mod_proxy_ajp should be better BUT pound does not cache the
connections!
and this is an great advantage because if an backend dies it will not try to
cache the connections until he self dies like apache do (out of session, the
hole loadbalancer dies).
so pound runs without problems even the last clusternode dies and not
before!
so if it will not be too difficult to implement such an session option it
would be an great advantage for pound.
if you want i can test beta releases in our tomcat test cluster if this
feature will be present.
thank you very much for all you help!
mario
2007/9/13, Ted Dunning <tdunning(at)veoh.com>:
>
>
> This is a very common mechanism on Tomcat based servers.
>
>
> On 9/13/07 9:19 AM, "Robert Segall" <roseg(at)apsis.ch> wrote:
> > ...[cookies disabled pushes jsessionid into query string] ...
>
> > Adding a session option to support this would not be too difficult, but
> > is it worth it? Who needs this?
>
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>
|
|
|
|
|
|
