Hi, all. We have a web app using Tomcat & Struts. Sometimes, a particular user (and potentially others) seems to be having sessions invalidated.
After researching the problem a bit and printing out header information in our tomcat logs, we have found that the header information sometimes changes for this user.
Here are 3 examples of the same user's header info (with matching info removed). Notice how the x-forwarded-for and via parameters change. Also, the user claims that they are not using squid or a 1.1 GC-FIREWALL. Is this something the ISP is doing?
#1
--
via: 1.1 composer:3128 (squid/2.5.STABLE7), 1.0 GC-FIREWALL
x-forwarded-for: 10.0.2.65, 127.0.0.1, 206.205.193.130
cache-control: no-cache, max-age=259200
#2
--
via: 1.1 GC-FIREWALL
x-forwarded-for: 206.205.193.130
cache-control: no-cache
#3
--
via: 1.1 composer:3128 (squid/2.5.STABLE7), 1.0 GC-FIREWALL
x-forwarded-for: 10.0.1.146, 127.0.0.1, 206.205.193.130
cache-control: no-cache, max-age=259200
Any help would be greatly appreciated. If there is any additional information that is needed, please let me know.
Thanks,
Jeff
-
Session seems to get invalidated (sometimes) (1 messages)
- Posted by: Jeff Keller
- Posted on: October 21 2005 11:02 EDT
Threaded Messages (1)
- session id by bruce goldstein on October 21 2005 17:58 EDT
-
session id[ Go to top ]
- Posted by: bruce goldstein
- Posted on: October 21 2005 17:58 EDT
- in response to Jeff Keller
Check the session id (JSESSIONID) cookie. You may not have invalidated sessions but rather your users "lose" the connection to their session so they may appear to have died as their information is "gone".
You may also be running into issues where session id cannot be propagated as a cookie and it needs url rewriting.
Regards,
Bruce