Skip to Content
1
May 25, 2021 at 04:52 PM

Tomcat HTTP session Failover : Session ID is changing on every request.

737 Views

I am working on implementing HTTP session failover on Hybris 1905 Patch 10 as per the documentation mentioned below :

https://help.sap.com/viewer/d0224eca81e249cb821f2cdf45a82ace/1905/en-US/5da5660b2a3f4263ac3095d900d07f88.html

Below is my configuration in local.properties file:

#HTTP Session Failover

# Global Configuration

spring.session.enabled=true

spring.session.save.async.interval=5000

spring.session.save.async.queue.size=10000

spring.session.save.async.max.items=2000

spring.serialization.check.response.error=false

#Extension Specific Properties

spring.session.<custom>storefront.save=async

spring.session.<custom>storefront.cookie.name=JSESSIONID

spring.session.<custom>storefront.cookie.path=/

spring.session.<custom>storefront.secure=true

spring.session.<custom>storefront.httponly=true

session.serialization.check=true

session.serialization.check.extensions=<custom>storefront

session.replication.support=true

After following all the steps, i can see the session id changes to a new format (Y0-XXXXXX...) and the session id is getting saved at storedHttpSession table.

When i am trying to login into the application using an existing user ID, it does not show the user is logged in.

I have noticed that session id is getting changed before and after login and also on each subsequent refresh. Even before attempting login, a simple page refresh creates new JSESSIONID and JSESSIONID-B2BACC values.

Attached are the screenshots for session IDs before and after login attempt.

Why the session ID is changing every time? Is there any configuration being missed which is causing this issue?screen-shot-2021-05-25-at-102217-am.pngscreen-shot-2021-05-25-at-102125-am.png