|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2008
/
2008-01
/
maintaining session when switching to https
[
SSL and 302 Location header issue / "Tom ... ]
[
Status of Pound-2.3.2 X-SSL-certificate ... ]
maintaining session when switching to https
Brian Levine <beans(at)beanserver.net> |
2008-01-25 18:54:36 |
[ SNIP ]
|
I am having trouble switching users from http to https. Users need to maintain
a sticky session with the server they are balanced to, and I currently use
Session Type IP to do this.
This works while on http, but when the user makes the jump to https, which is
another pound service, they are sometimes balanced to another server.
Is there a better setting to support this scenario?
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
Ed R Zahurak <ezahurak(at)atlanticbb.net> |
2008-01-25 20:25:00 |
[ SNIP ]
|
If you have the ability to set a cookie that denotes which backend
server a person happens to be hitting, you can have both instances of
pound route their connection to a particular server based on the value
of that cookie. If no cookie is present, have pound round-robin it; on
the _next_ request, pound should see the cookie that the client will
have picked up from their round-robin'ed request, and continue to route
them to the same backend server, regardless of whether it's http or https.
E R Zahurak
Brian Levine wrote:
> I am having trouble switching users from http to https. Users need to
> maintain a sticky session with the server they are balanced to, and I
> currently use Session Type IP to do this.
> This works while on http, but when the user makes the jump to https,
> which is another pound service, they are sometimes balanced to another
> server.
> Is there a better setting to support this scenario?
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
Brian Levine <beans(at)beanserver.net> |
2008-01-25 22:21:29 |
[ SNIP ]
|
Thanks for the tip - looking at the docs I see:
"by cookie value: applications that use this method pass a certain
cookie back and forth. Add the lines
Session
Type Cookie
ID "sess"
TTL 300
End
"
It's unclear to me who is writing the cookie - pound or my application? If its
my application, what value belongs in the cookie?
Thanks for the help.
Ed R Zahurak wrote:
> If you have the ability to set a cookie that denotes which backend
> server a person happens to be hitting, you can have both instances of
> pound route their connection to a particular server based on the value
> of that cookie. If no cookie is present, have pound round-robin it;
> on the _next_ request, pound should see the cookie that the client
> will have picked up from their round-robin'ed request, and continue to
> route them to the same backend server, regardless of whether it's http
> or https.
>
> E R Zahurak
>
> Brian Levine wrote:
>> I am having trouble switching users from http to https. Users need
>> to maintain a sticky session with the server they are balanced to,
>> and I currently use Session Type IP to do this. This works while on
>> http, but when the user makes the jump to https, which is another
>> pound service, they are sometimes balanced to another server. Is
>> there a better setting to support this scenario?
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>>
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
Falk Brockerhoff <noc(at)smartterra.de> |
2008-01-25 23:26:42 |
[ SNIP ]
|
Brian Levine wrote:
> It's unclear to me who is writing the cookie - pound or my application?
> If its my application, what value belongs in the cookie?
Your application has to set the cookie. Insert any value you like - as
it is unique for every visitor. I recommend to insert the session id.
Falk
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
Brian Levine <beans(at)beanserver.net> |
2008-01-26 11:39:39 |
[ SNIP ]
|
Thanks again for the tip - I am now writing the session id into the
user's cookie, but i notice that pound still might balance the user to a
different machine when they make the switch to https. Since HTTP and
HTTPS are separated out in pound config, and session is defined per
service, is it really possible to use pound in this way?
Falk Brockerhoff wrote:
> Brian Levine wrote:
>
>> It's unclear to me who is writing the cookie - pound or my
>> application? If its my application, what value belongs in the cookie?
>
> Your application has to set the cookie. Insert any value you like - as
> it is unique for every visitor. I recommend to insert the session id.
>
> Falk
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
Brian Levine <beans(at)beanserver.net> |
2008-01-30 21:55:52 |
[ SNIP ]
|
Sorry for the repeated messages on the topic, but I'd really like to
understand if pound can service switching a user over from http to
https while maintaining a sticky session with a server. I reason below
since http and https are defined as separate pound services it would not
be possible, can anyone authoritatively confirm or deny this?
Brian Levine wrote:
> Thanks again for the tip - I am now writing the session id into the
> user's cookie, but i notice that pound still might balance the user to
> a different machine when they make the switch to https. Since HTTP
> and HTTPS are separated out in pound config, and session is defined
> per service, is it really possible to use pound in this way?
>
> Falk Brockerhoff wrote:
>> Brian Levine wrote:
>>
>>> It's unclear to me who is writing the cookie - pound or my
>>> application? If its my application, what value belongs in the cookie?
>>
>> Your application has to set the cookie. Insert any value you like -
>> as it is unique for every visitor. I recommend to insert the session id.
>>
>> Falk
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
|
|
|
Re: [Pound Mailing List] maintaining session when switching to https
"Francois Rejete" <francois(at)rejete.com> |
2008-01-31 02:40:59 |
[ SNIP ]
|
I'm pretty sure it's impossible to share the session table, be it IP or
Cookie based, between different services or listeners without patching the
code.
On Jan 31, 2008 5:55 AM, Brian Levine <beans(at)beanserver.net> wrote:
> Sorry for the repeated messages on the topic, but I'd really like to
> understand if pound can service switching a user over from http to
> https while maintaining a sticky session with a server. I reason below
> since http and https are defined as separate pound services it would not
> be possible, can anyone authoritatively confirm or deny this?
>
>
|
|
|
|
|
|
