httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <>
Subject Re: [users@httpd] Two sessions or one session when connect to two load-balanced webServers?
Date Thu, 28 Jun 2007 18:50:10 GMT

On Jun 28, 2007, at 10:23 AM, Qingshan Xie wrote:

> I have two questions on Sessions and Connections.
> 1. If a browser sends multiple requests and
> establishes Two Connections with an Apache server, how
> many sessions it will be generated, one or two?

The answer is None. HTTP is stateless, and Apache does not generate  

Perhaps your back-end application does preserve state in some way, by  
generating session cookies or encoding session information into the URL.

In the latter case, the browser should send the session cookie along  
with the second request, or access session-encoded URLs to load  
additional resources (images, JavaScript, ...).  Such secondary  
requests are always based on information obtained from the first  
request, even if they appear to occur simultaneously.

Use HTTPWatch or IEWatch to find out what exactly happens when your  
browser makes a request, and what cookies get passed back and forth.

> 2. If a browser sends multiple HTTPS requests to two
> load-balanced Apache servers, how many sessions will
> be generated?  I guess it will generate at least two
> sessions with two different sessionKeys, sessionIDs.
> If this is true, will there be a session conflict
> occurring?

HTTPS is HTTP piped over SSL. At the HTTP protocol level, the answer  
is exactly the same as above.

At the SSL level, an SSL session is generated and likely re-used for  
subsequent requests IF you have SSL Session Caching set up  
correctly.  However, this is completely transparent to the protocol  
on top of SSL and has no impact on the state of your application.

To troubleshoot session problems, load up IEWatch or HTTPWatch or  
some other protocol inspection tool and look at things like:

1) What cookies get set by the server in the initial response?
2) What path value comes with the session cookie?
3) Does the cookie get passed back to the server by subsequent requests?
4) Does the server respect the cookie from 3), or does it try to set  
a new
    session cookie?

Once again, this is application level troubleshooting, and has little  
to do with Apache itself.



Sander Temme
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

View raw message