Re: Session timeout when performing an action
Re: Session timeout when performing an action
- Subject: Re: Session timeout when performing an action
- From: Schoenenberger Dominique <email@hidden>
- Date: Thu, 10 Oct 2013 07:42:25 +0000
- Thread-topic: Session timeout when performing an action
I put some log and have more information about this problem:
I have multiple instances (15 instances on 2 servers). Here what happened:
1) Click on a button using instance number 12
2) Instance number 1 receive the request and returns a session timeout because I have no session on this instance (I'm working with instance 12) (see below the log of instance 1)
3) In the browser, I got the session timeout but the url displayed is the one of instance 12 and I can do a refresh and then I get the result of the action.
Here the url:
http://ist.hq.k.grp/cgi-bin/WebObjects/ist.woa/21/wo/i8mjZt6WGfHtEPjSMDSkrg/8.2.3.0.13.1.3.3.9.5.3.0.1.0
It's like the adaptor (?) gives the request to the wrong instance.
Any idea ?
Thanks,
Dominique
Request as logged by instance 1:
<<er.extensions.appserver.ERXRequest (<er.extensions.appserver.ERXRequest httpVersion=HTTP/1.1 headers={accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8], accept-encoding=[gzip,deflate,sdch], accept-language=[en-US,en;q=0.8], auth_type=[Basic], authorization=[Basic ZHNjaG9lbjpTYWI1NkFrYQ==], cache-control=[max-age=0], connection=[keep-alive], content-length=[1641], content-type=[multipart/form-data; boundary=----WebKitFormBoundaryNqbRA8fwRSF61pUm], cookie=[showTopPart=true; showLeftPart=true; defaultLook=IST], document_root=[/data/www/html], host=[ist.hq.k.grp], origin=[http://ist.hq.k.grp], referer=[http://ist.hq.k.grp/cgi-bin/WebObjects/ist.woa/21/wo/i8mjZt6WGfHtEPjSMDSkrg/7.2.3.0.13.1.3.3.9.5.3.0.1.0], remote_addr=[10.0.26.62], remote_host=[10.0.26.62], remote_port=[51359], remote_user=[email@hidden], script_filename=[/cgi-bin], server_admin=[root@localhost], server_name=[ist.hq.k.grp], server_port=[80], server_software=[Apache/2.2.3 (Red Hat)], user-agent=[Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.62 Safari/537.36], x-webobjects-adaptor-version=[Apache], x-webobjects-request-id=[5250c4a100001c73000000b2], x-webobjects-request-method=[POST, POST]} content-length=1641 cookies=null userInfo={} storePageInBacktrackCache=true >) method=POST uri=/cgi-bin/WebObjects/ist.woa/1/wo/i8mjZt6WGfHtEPjSMDSkrg/8.2.3.0.13.1.3.3.9.5.3.0.1.0 defaultFormValueEncoding=UTF-8 formValueEncodingDetectionEnabled=NO formValueEncoding=UTF-8 formValues={sendhaut = ("2.3.0.13.1.3.3.9.5.3.0.1.0.0.3.7.29.0"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.7.0.1.11.3 = ("WONoSelectionString"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.5.0.3.0.1.3.1920408901.0.1.1.2.3.1.1.0.7.1.1.3.0.2.9.0.11.0.0.1.1 = ("0"); synopsis = ("Add a check box for unlimited waiver expiration date"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.5.0.3.0.1.3.1920408901.0.1.1.2.3.1.1.0.7.1.1.3.0.2.5.13.3 = ("WONoSelectionString"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.7.0.1.15.3 = ("WONoSelectionString"); wosid = ("i8mjZt6WGfHtEPjSMDSkrg
"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.7.0.1.35.3.1 = (""); __HIDDEN__ = (""); sendbas = ("2.3.0.13.1.3.3.9.5.3.0.1.0.0.9.29.0"); 2.3.0.13.1.3.3.9.5.3.0.1.0.0.5.0.3.0.1.3.1920408901.0.1.1.2.3.1.1.0.7.1.1.3.0.2.5.7.1 = ("Corrected from"); } >>
On Nov 20, 2012, at 1:28 PM, Schoenenberger Dominique <email@hidden> wrote:
> Thanks for your answer.
>
> Yes I was using cookies but I'm trying now without cookies and I have the same problem. I don't think it's caused by other errors.
>
> I'm wondering if there would be a solution for point 2 making a strong relationship between a user and a session. I mean to have a kind of dictionary with user as key and session as value. Then, because I have the user in the request header, I could look into the dictionary for an existing session for that user and return THE session of the user and avoid creating multiple sessions for one user ? What do you think ?
>
> Dominique
>
> On Sep 17, 2012, at 7:43 PM, Chuck Hill <email@hidden> wrote:
>
>> Hi Dominique,
>>
>> Does your application store the session ID in cookies? Are you sure it is a session timed out and not some other error? If so, here are two things that can cause this:
>>
>> 1. Malformed HTML - some browsers (IE was bad for this) can send another request to the server when processing invalid HTML (they interpret something as being a server resource they need to download. The URL they use is not a valid WO url which causes a new session to get created and the cookies from this session replace those from the user's real session.
>>
>> 2. Multiple Sessions - this seems more likely to me as you mentioned "the user open many tabs in the browser". If they create a new session in one of the tabs, the cookies form this session replace those from the user's other session. When they go back to an earlier tab and click on a button or link, they get an error as those links are not valid in the new session.
>>
>> It could also be that an instance is taking too long to respond and the user's request is getting sent to a different instance which of course won't have the user's session.
>>
>>
>> Chuck
>>
>>
>>
>> On 2012-09-14, at 6:52 AM, Schoenenberger Dominique wrote:
>>
>>> I have a problem with untimely session timeout. The user is doing actions with the application but suddenly after doing something (a click on a button for example), he got a session timeout.
>>>
>>> The probability of this to occur is quite low but very annoying for the user.
>>>
>>> I suspect that it occurs when the user open many tabs in the browser (?)
>>>
>>> Could it be related to a web page having xhtml validation errors ?
>>>
>>> Thanks for any help,
>>>
>>> Dominique Schoenenberger
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Webobjects-dev mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>
>> --
>> Chuck Hill Senior Consultant / VP Development
>>
>> Practical WebObjects - for developers who want to increase their overall knowledge of WebObjects or who are trying to solve specific problems.
>> http://www.global-village.net/gvc/practical_webobjects
>>
>>
>>
>>
>>
>>
>>
>>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden