Re: bizarre session time-outs
Re: bizarre session time-outs
- Subject: Re: bizarre session time-outs
- From: Patrick Middleton <email@hidden>
- Date: Thu, 3 Jun 2010 14:04:49 +0100
On 3 Jun 2010, at 11:28, Simon wrote:
hi all -
we've got a session time-out issue that is affecting just 1
specific client. all other users of the app are happy - it's just
not working for this one company.
basically, as users form this one company click around the app they
randomly get instant session time-out's. no browser hanging -
instant back to login page. we are not seeing any instance failures
- the original instance the user was talking to is just sitting
there happily waiting for requests.
as the time out is instantaneous i thought maybe it's just that
monitor for some reason is randomly reporting that the instance
they are talking to is no longer there. but i'm suspicious of the
fact that only one specific client is affected.
i'm wondering if it's something to do the connectivity between the
client and the apps (yes, yes, i'm clutching at straws, i know!)
but can't think of any logical reason how or why it would affect
things. the only thing remotely strange about the client's set up
is that all the users internet traffic (users are in the UK) is
routed through their parent companies proxy in munich. is there any
possibility that the requests are somehow getting mangled by the
proxy ?
any hints appreciated!
thanks, simon
I've seen something very much like this in the past. Web clients
behind a stupidly-aggressive proxy cache server, which cached the
login page, and the HTML of the page as cached referred to a session
that no longer exists -- or cached an "id/password not recognised"
response, which any user would subsequently receive from cache
whether they provided valid credentials or not. Adding HTTP headers
to responses to hint "do no cache this" to the the proxy did not
help. In the end we used mod_rewrite to redirect all requests
received from HTTP to HTTPS.
---
Regards Patrick
OneStep Solutions (Research) LLP
www.onestep.co.uk
This email, including any attachments, is confidential and intended solely for the person or organisation to whom it is addressed. If you are not the intended recipient you must not disseminate, distribute or copy any part of this email nor take any action in reliance on it.
If you have received this in error please notify the sender immediately by email or phone +44 (0)1702 426400 and delete this email and any attachments from your system.
Email transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of email transmission. If verification is required please request a hard-copy version.
OneStep Solutions LLP is registered in England and Wales under registration number OC337173 and has its registered office at 457 Southchurch Road, Southend-on-Sea, Essex SS1 2PH.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden