tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ron McNulty" <>
Subject Re: Wrong SessionID
Date Wed, 22 Jul 2009 09:09:22 GMT
Hi Uwe

I've seen something very similar when a SAP server was incorrectly 
configured to produce a JSESSIONID cookie that was global to the 
organisation, rather than scoped to the server that produced it. The 
"(J2EE13679500)" and "End" parts of the session ID look suspiciously like 
what I saw.

The only fix was to correctly configure the offending server - there is 
nothing Tomcat can do. When a browser has two cookies with the same name in 
scope, the outcome is indeterminate. We found that the wider scoped cookie 
took precedence. I've often thought the name of the JSESSIONID cookie should 
be configurable, but to my knowledge it is hard-coded.

If this is the problem, then it is your client's problem (unless you are 
seeing it from inside your intranet).



----- Original Message ----- 
From: "Poehner, Uwe" <>
To: <>
Sent: Wednesday, July 22, 2009 3:26 AM
Subject: Wrong SessionID


our tomcat servers seem to produce very sporadically a wrong JsessionID - 
instead of 58EB1F9C39278DBB72528A13EF026EFB.bsp01
we get (J2EE13679500)ID0574993050DB11991779031281660559End (without a 
dot-jvmroute) so we lose stickyness and our session.

Our environment (Hardware Loadbalancer -> 2 Apache Servers -> 2 Tomcat 
Solaris 10 8/07
Apache/2.2.6 with mod_proxy_ajp, mod_proxy_balancer, ...
Tomcat 5.5.23 with JDK 1.5.0_12-b04

Does anybody have an idea?

Thanks and Regards
To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message