Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Tomcat create a new session for every request

I am working on this problem for 2 days now and I am hoping that anyone here had a similar problem and a solution for that.

The problem: It's a Spring MVC (2.5.6.) Web Application, which runs in Tomcat 6. When the start page is requested it redirects the customer to a JSP Page (by using HTML's meta refresh tags) which loads it's content with a lot of Ajax requests (Framework: Prototype). The problem is that Tomcat creates a new session for every AJAX requests (about 67 sessions). My first thought was that the Session Cookie is stored after the start page is loaded and the Ajax requests forces the Tomcat to create a new session. My approach was to create the session cookie by hand, but this did not make any difference. The funny thing is that it works in some other tomcat instances, but not in the desired environment for the integration tests. In my opinion it's a Tomcat configuration issue.

After further investigation with Firebug, I found out that Tomcat creates a new Session for every request even if the right JSESSIONID is transfered to it (50B5EA0BCFE811C744CE9C1F9EDE0097):

Request Header 1: 
Cookie JSESSIONID=F3206CBF2C961E125821FF22FA31A02D

Response Header 1:
Set-Cookie JSESSIONID=49E000B4D6880F4F94531AB9C78DB667; Path=/JOCA-Music-Portal   JSESSIONID=50B5EA0BCFE811C744CE9C1F9EDE0097; Path=/JOCA-Music-Portal

Request Header 2:
Cookie JSESSIONID=50B5EA0BCFE811C744CE9C1F9EDE0097

Response Header 2:
Set-Cookie JSESSIONID=DCCA2D1B98D11223A6B8855800276E27; Path=/JOCA-Music-Portal

UPDATE: Further investigation isolated the problem to the Tomcat Realm configuration. We use a JDBC Realm for login. When the login is deativated, only one Session is created. If it's activated, Tomcat creates invalidated/expired sessions, that's why a new session is created with each request. But why does Tomcat behave like this?

I'm really desperate, so any thought/hint/solution is well appreciated.

Thank you very much

like image 220
Fabe Avatar asked Nov 24 '10 20:11

Fabe


1 Answers

You can try to analyze the HTTP traffic between your client and your server. Make sure the Cookie header is set correctly in the request and the response.

If using Firefox, you can try to debug with Firebug.

like image 105
gawi Avatar answered Oct 01 '22 16:10

gawi