0
在生產環境中 - 背後的Apache/mod_jk的tomcat_7_0_53 - 我們的客戶報告所造成的損失的隨機會話問題的問題。瀏覽器發回雄貓「可能有效」 JSESSIONID但tomcat的重建會議,並響應瀏覽器重新JESSIONID
我們調查了啓用AccessLogValve並排除請求處理中的錯誤會話處理,如以編程方式調用session.invalidate或session.setMaxTimeInterval等..我們通過HttpSessionListener接口實現捕獲和記錄HttpSessionEvent。
####################################################################################
##### Logging by AccessLogValve
##### At first access time tomcat sent cookie: JSESSIONID=ADDBC908E913C159A330C746ABFE2340;
82.112.204.155 - - [03/Mar/2016:08:27:03 +0100] "GET /rdsv5i/servlet/custom-logon/clienti-asp HTTP/1.1" Cookie="__utma=31431036.270103424.1433757878.1456913762.1456990022.212; __utmz=31431036.1433757878.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmb=31431036.1.10.1456990022; __utmt=1; __utmc=31431036; CustomLogonServlet.company=IAP; user=caruso; rds_home_page_logon=%2Frdsv5i%2Fservlet%2Fcustom-logon%2Fclienti-asp%3F1456913769327" Set-Cookie="JSESSIONID=ADDBC908E913C159A330C746ABFE2340; Path=/rdsv5i; Secure"
##### User work without problems for 10 minutes:
82.112.204.155 - - [03/Mar/2016:08:37:58 +0100] "POST /rdsv5i/spoolviewer/spoolavailable.jsp HTTP/1.1" Cookie="AlreadyConnectedGUID=f34dc1bb-a117-4405-a40d-289c73e07de9; JSESSIONID=ADDBC908E913C159A330C746ABFE2340; __utma=31431036.270103424.1433757878.1456913762.1456990022.212; __utmz=31431036.1433757878.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmb=31431036.1.10.1456990022; __utmc=31431036; CustomLogonServlet.company=IAP; user=caruso; rds_home_page_logon=%2Frdsv5i%2Fservlet%2Fcustom-logon%2Fclienti-asp%3F1456990031203" Set-Cookie="-"
#### Suddenly Tomcat send renewed JSESSIONID=28C983BAE315B709093B357C0DE7810D; ignoring browser sent back cookie: JSESSIONID=ADDBC908E913C159A330C746ABFE2340;
82.112.204.155 - - [03/Mar/2016:08:38:06 +0100] "POST /rdsv5i/spoolviewer/spoolavailable.jsp HTTP/1.1" Cookie="AlreadyConnectedGUID=f34dc1bb-a117-4405-a40d-289c73e07de9; JSESSIONID=ADDBC908E913C159A330C746ABFE2340; __utma=31431036.270103424.1433757878.1456913762.1456990022.212; __utmz=31431036.1433757878.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmb=31431036.1.10.1456990022; __utmc=31431036; CustomLogonServlet.company=IAP; user=caruso; rds_home_page_logon=%2Frdsv5i%2Fservlet%2Fcustom-logon%2Fclienti-asp%3F1456990031203" Set-Cookie="JSESSIONID=28C983BAE315B709093B357C0DE7810D; Path=/rdsv5i; Secure"
和會話丟失的問題...
#### Logging by my HttpSessionListener
##### At first access time tomcat sent cookie: JSESSIONID=ADDBC908E913C159A330C746ABFE2340;
03-Mar-2016 08:27:03.437 INFO [ajp-apr-8109-exec-5] com.rds_software.RdsUtil.http.HttpSessionEventsLogger.sessionCreated id="ADDBC908E913C159A330C746ABFE2340"
#### Suddenly Tomcat send renewed JSESSIONID=28C983BAE315B709093B357C0DE7810D;
03-Mar-2016 08:38:06.358 INFO [ajp-apr-8109-exec-6] com.rds_software.RdsUtil.http.HttpSessionEventsLogger.sessionCreated id="28C983BAE315B709093B357C0DE7810D"
#### Here destroy first access time JSESSIONID=ADDBC908E913C159A330C746ABFE2340
03-Mar-2016 09:08:43.365 INFO [ContainerBackgroundProcessor[StandardEngine[Catalina]]] com.rds_software.RdsUtil.http.HttpSessionEventsLogger.sessionDestroyed id="ADDBC908E913C159A330C746ABFE2340" lastAccessedTime="08:37" maxInactiveTimeInterval="1800" stackTrace="Stacktrace:
org.apache.catalina.session.StandardSession.expire(StandardSession.java:806)
org.apache.catalina.session.StandardSession.isValid(StandardSession.java:656)
org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:532)
org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:517)
org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1352)
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1530)
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1540)
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1540)
org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1519)
"
####################################################################################
我的問題是: 如何可能的tomcat在8點38分06秒創建一個新的會話時,瀏覽器發回JSESSIONID = ADDBC908E913C159A330C746ABFE2340和ADDBC908E913C159A330C746ABFE2340有在9:08:46被摧毀?
08:38:06 Session ADDBC908E913C159A330C746ABFE2340 not valid?
我工作了一個星期,編寫測試用例來重現這種奇怪的行爲,但沒有成功。
增加org.apache.catalina.connector.CoyoteAdapter的loglevel,似乎tomcat在某些情況下無法識別從瀏覽器發送的JSESSIONID。
#AccessLogValve say:
93.145.128.242 - - [08/Mar/2016:10:16:35 +0100] "GET /uri Cookie="JSESSIONID=CE848CE8D53223658BD8D69D5CB667D4" Set-Cookie="JSESSIONID=0D954B6C1223E63C54DB8BDA265A7B83; Path=/rdsv5i; Secure"
#CoyoteAdapter say:
08-Mar-2016 10:16:35.864 FINE [ajp-apr-8109-exec-6] org.apache.catalina.connector.CoyoteAdapter.parsePathParameters The variable [uriBC] has value [/rdsv5i/rds-its/xmlv5i/js/customers/righi.js]
08-Mar-2016 10:16:35.864 FINE [ajp-apr-8109-exec-6] org.apache.catalina.connector.CoyoteAdapter.parsePathParameters The variable [semicolon] has value [-1]
08-Mar-2016 10:16:35.864 FINE [ajp-apr-8109-exec-6] org.apache.catalina.connector.CoyoteAdapter.parsePathParameters The variable [enc] has value [ISO-8859-1]
在正常情況下,我也應該看到:
08-Mar-2016 10:16:35.864 FINE [ajp-apr-8109-exec-6] org.apache.catalina.connector.CoyoteAdapter.parseSessionCookiesId Requested cookie session id is CE848CE8D53223658BD8D69D5CB667D4
我想的cookie解析處理不當,我會嘗試重現的情況下激活RequestDumpValve。
您的服務器結構如何?你有1個http服務器,mod_jk和1個tomcat? – sgpalit
@sgpalit問題同時出現在/ uri1/*(load_balanced)和/ uri2/*(single_instance)中。我沒有配置問題的證據。但我有新聞,增加CoyoteAdapter記錄似乎tomcat的在某些情況下,是不能夠識別JSESSIONID從瀏覽器發送 –
你有會話描述符在web.xml的路徑/ rdsv5i,是這條道路在生產中也應用程序路徑? – sgpalit