Welcome! Log In Create A New Profile

Advanced

losing sessions?

Posted by Ilan Berkner 
Ilan Berkner
losing sessions?
January 14, 2009 09:25PM
Hi All,

Weird situation...

On our production environment, one of our users (I have remotely connected
to their system) is losing Session information as soon as they try to do
anything past their login. Even stranger (I can tell via the title of the
page) that the session information is getting mixed up. The title of the
page should be the user's name and after clicking on a page that requires
session / cookie information, the title of the page changes to another
user's name. So something isn't right...

Our development environment (unfortunately) at this time uses Apache (we'll
be upgrading it to Nginx shortly). This issue does not exist in our
development environment.

The problem computer is behind a proxy and the proxy on that server is
configured as a "text" proxy (i.e. not ip address... rather proxy name). So
I'm not sure if that would be an issue?

Is it possible that sessions are getting mixed up between users behind a
proxy who's name is the same?

Any suggestions / thoughts?

Thanks
Valery Kholodkov
Re: losing sessions?
January 14, 2009 09:50PM
Either proxy is dumb and does caching of private copies of pages or
proxy is very smart and needs Cache-Control: private header from app.

Ilan Berkner wrote:
> Hi All,
>
> Weird situation...
>
> On our production environment, one of our users (I have remotely
> connected to their system) is losing Session information as soon as they
> try to do anything past their login. Even stranger (I can tell via the
> title of the page) that the session information is getting mixed up.
> The title of the page should be the user's name and after clicking on a
> page that requires session / cookie information, the title of the page
> changes to another user's name. So something isn't right...
>
> Our development environment (unfortunately) at this time uses Apache
> (we'll be upgrading it to Nginx shortly). This issue does not exist in
> our development environment.
>
> The problem computer is behind a proxy and the proxy on that server is
> configured as a "text" proxy (i.e. not ip address... rather proxy
> name). So I'm not sure if that would be an issue?
>
> Is it possible that sessions are getting mixed up between users behind a
> proxy who's name is the same?
>
> Any suggestions / thoughts?
>
> Thanks


--
Regards,
Valery Kholodkov
Ilan Berkner
Re: losing sessions?
January 15, 2009 01:25AM
Regarding the switching of the username via session, turns out that the page
was being partially cached by the CMS. So as one user was calling it with
their name, the internal cache would get overwritten. We have now disabled
this functionality.

Again, thanks all for your responses.

On Wed, Jan 14, 2009 at 2:53 PM, Ilan Berkner <[email protected]> wrote:

> Hi All,
>
> Weird situation...
>
> On our production environment, one of our users (I have remotely connected
> to their system) is losing Session information as soon as they try to do
> anything past their login. Even stranger (I can tell via the title of the
> page) that the session information is getting mixed up. The title of the
> page should be the user's name and after clicking on a page that requires
> session / cookie information, the title of the page changes to another
> user's name. So something isn't right...
>
> Our development environment (unfortunately) at this time uses Apache (we'll
> be upgrading it to Nginx shortly). This issue does not exist in our
> development environment.
>
> The problem computer is behind a proxy and the proxy on that server is
> configured as a "text" proxy (i.e. not ip address... rather proxy name). So
> I'm not sure if that would be an issue?
>
> Is it possible that sessions are getting mixed up between users behind a
> proxy who's name is the same?
>
> Any suggestions / thoughts?
>
> Thanks
>
Ilan Berkner
Re: losing sessions?
January 15, 2009 01:30AM
Thanks for all the responses I got, really appreciate it. I think we found
the problem... the PHP ini save_sessions directory wasn't set (oops).

On Wed, Jan 14, 2009 at 3:27 PM, Valery Kholodkov <
valery+nginxen@grid.net.ru <valery%[email protected]>> wrote:

> Either proxy is dumb and does caching of private copies of pages or proxy
> is very smart and needs Cache-Control: private header from app.
>
>
> Ilan Berkner wrote:
>
>> Hi All,
>> Weird situation...
>> On our production environment, one of our users (I have remotely
>> connected to their system) is losing Session information as soon as they try
>> to do anything past their login. Even stranger (I can tell via the title of
>> the page) that the session information is getting mixed up. The title of
>> the page should be the user's name and after clicking on a page that
>> requires session / cookie information, the title of the page changes to
>> another user's name. So something isn't right...
>> Our development environment (unfortunately) at this time uses Apache
>> (we'll be upgrading it to Nginx shortly). This issue does not exist in our
>> development environment.
>> The problem computer is behind a proxy and the proxy on that server is
>> configured as a "text" proxy (i.e. not ip address... rather proxy name). So
>> I'm not sure if that would be an issue?
>> Is it possible that sessions are getting mixed up between users behind a
>> proxy who's name is the same?
>> Any suggestions / thoughts?
>> Thanks
>>
>
>
> --
> Regards,
> Valery Kholodkov
>
>
Sorry, only registered users may post in this forum.

Click here to login