tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lataxes, Karl" <>
Subject RE: Sticky Session Not Working With Apache 2.0.54 and Tomcat 7.0.8
Date Tue, 09 Aug 2011 18:45:15 GMT
Our clients cannot send or process JSESSIONIDs as they are not web browsers, but proprietary
equipment running embedded software that sends HTTP POST messages to a servlet on our internal
network.  The servlet keeps track of sessions internally by assigning a session id which is
contained within the HTTP request body.

I believe my best solution would be to send an additional header containing the session id
with the servlet response and using that for sticky sessions.  I am working with our embedded
software developers on sending this header back to the servlet during subsequent client requests
to facilitate sticky sessions.  I know I will probably have to go to Apache 2.2 to accommodate
this, but that was something I expected.

I am somewhat unfamiliar with these aspects of Tomcat/Apache and I'm learning a lot of this
stuff on the fly, so please forgive the stupid questions. 

-----Original Message-----
From: Christopher Schultz [] 
Sent: Monday, August 08, 2011 12:14 PM
To: Tomcat Users List
Subject: Re: Sticky Session Not Working With Apache 2.0.54 and Tomcat 7.0.8

Hash: SHA1


On 8/5/2011 7:49 AM, Lataxes, Karl wrote:
> After some testing, I determined that appending the session ID to the 
> URL will not work.

Why not?

> I can, however, add the session ID as a new HTTP header, but I have to 
> determine which modules to use (mod_headers, mod_proxy, 
> mod_proxy_http, mod_proxy_balancer?)

How about just having the client send JSESSIONID in the way that Tomcat expects it?

> and how to configure sticky sessions using the new HTTP header.  I am 
> somewhat unfamiliar with this aspect of Apache, so is anyone able to 
> point me in the right direction?

You said that your client was sending this information:

"session-id= <unique_client_identifier>-<current_time_in_milliseconds>"

but you never said where that information was. If it's in the query-string of the URL, then
it should be easy to fetch and set into a request header.

To fetch the session id, you can do something like this:

SetEnvIf "Request_URI" "/session-id=([A-Za-z0-1.]+)-/" SESSION_ID=$1

That will set an environment variable SESSION_ID to an id passed-in via the query string (unless
you have the misfortune of having "session-id=[A-Za-z0-1.]+" somewhere else in your URL, too).
You might have to tweak the regular expression if it won't match your "unique_client_identifier"
which I'm assuming is the Tomcat session id.

If you can use mod_headers /before/ mod_jk gets it's hands on things, you ought to be able
to do something like this:

RequestHeader append "Cookie" "JSESSIONID=%{SESSION_ID}e"

That will set the "JSESSIONID" cookie header to the value of the session id retrieved from
the query string above.

I hope that gets you on the right track.

- -chris
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message