tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Clemens Eisserer" <>
Subject Howto ensure session consistency in a cluster?
Date Sun, 28 Jan 2007 13:05:14 GMT

I've some questions about servlets and session management in a
clustered tomcat installation:

- The servlet I've developed is really sensitive to
session-consistency because it uses some extra encryption (not https),
it supports many other backends (among servlet) where https may not be
This encryption-state exists per-session. Therefor two requests at the
same time with the same session will lead to a failure (but can happen
because the client is multithreaded).
Is there any possibility to tell tomcat that a session may used/opened
only once at a time or is this done automatically?
For now (one server) I simply synchronize on one lock-attribute, which
does not work in a cluter of course.

- Is the bea-apache plugin also capable of parsing out
session-id-rewritten URLs or only session-cookies?
Will this plugin try to route the same session-id to the same cluster
when possible?

- Do all session-attributes have to implement Serializeable?

- How does tomcat now whan a mutable session-attribute has changed and
needs to be sent over network?

- Is there any possibility to do locking over all clusters? We have
some external resources why may only be accessed one at a time, and
e.g. an cluster-aware implementation of ReentrantLock would really
help me.

Thank you in advance, lg Clemens

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message