Home > Software design >  session replication without loadbalancer
session replication without loadbalancer

Time:02-16

I am trying to set up session replication between two tomcat servers(server1,server2) in two different machines. I am using StaticMembershipInterceptor and StaticMember instead of Multicast. I am not using any loadbalancer. Below is the site mainly I have followed. I referred this configuration as this is the exact requirement I have.

http://khaidoan.wikidot.com/tomcat-cluster-session-replication-without-multicasting

I am using Tomcat9.

What I am expecting is after the above configuration is:

Server1: Tomcat A
Server2: Tomcat B

Exected Result :

Firststep: I start the Tomcat A. Load the webpage.(http://server1:8080) Login to application by entering username and password and session is created.

Secondstep: I start the Tomcat B. Load the webpage.(http://server2:8080). It should automcatically login to the application without entering username and password. No login page should be available.

Actual Result after the above configuration:

In Secondstep: Login page is available. the reason why login page appears is it creates different session.

When I tested the same configuration in the two nodes of same machine, it works fine. But in different machine, it does not work.

What I tried so far:

  • Checked the log file of two tomcats - I can see the connection is established.

  • Made sure has distributable tag

  • Also added the same in context.xml

  • Tried adding inside the tag as I saw it in couple of forum.

  • Checked netstat -ano I could see ports are listening at 4100 in both the machines

Am I missing any other configuration? Not sure why it does not work.

CodePudding user response:

I'm assuming you are using cookie-based session-tracking, because it is enabled by default and is preferred over URL-based session-tracking in Tomcat if the client is willing to send JSESSIONID cookies.

Cookies are scoped to a particular hostname and path. So, when you login to Tomcat A (http://server1:8080), you get a cookie scoped to server1/path. Wen you visit Tomcat B (http://server2:8080), your cookie for server1 isn't sent and you are challenged to login.

If you want this to work, you will need to choose one of the following options:

  1. Use a reverse-proxy / load-balancer
  2. Use multiple-IP DNS to resolve server (not server or server2) to multiple IP addresses, each pointing to a separate Tomcat instance
  3. Disable cookie-based session tracking

But the way you are testing things cannot work due to the rules browsers follow for HTTP cookie handling.

  • Related