Hi Chris, They all have a keep-alive, already.
>I don't see a single session id in any of those requests, other than >the "ib" token you said is generated by "the rack" (a load-balancer?). >Are you sure you have any session at all? Yes, I have this working in a Windows environment, and it requires a session as well. Rack is a bundle of fun, since this application is a Jruby application, which is being converted into a Java application to run on Tomcat. That's a whole other can of worms :) On another note, I'm currently trying to search and see if there's anywhere that Tomcat writes to that might be causing a permissions error in the linux environment. Finding info on this is proving to be a bit...difficult, though. Kind Regards, Rory -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 03 February 2015 20:40 To: Tomcat Users List Subject: Re: Session being dropped in Virtual Host in 8.0.9 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rory, On 2/3/15 6:04 AM, Rory Kelly wrote: > Sorry for the late reply, I wound up working from home yesterday, and > access to the server was less than ideal I'm just gonna dump the > Headers from the login get, through to when it dumps me back out at > the login. > > ##Login > > #request POST /login HTTP/1.1redacted.site.io User-Agent: > Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 > Firefox/35.0 Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate > Referer: http://redacted.site.io/login Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836 > > Connection: keep-alive > > #response HTTP/1.1 200 OK Cache-Control: no-cache, no-store, > must-revalidate, max-age=0 Connection: keep-alive Content-Length: > 0 Content-Type: text/html;charset=utf-8 Date: Tue, 03 Feb 2015 > 10:52:07 GMT Location: http://redacted.site.io/login/challenge > Server: nginx/1.6.2 (Ubuntu) Set-Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836; > path=/; expires=Tue, 03 Feb 2015 10:57:07 -0000; HttpOnly > X-XSS-Protection: 1; mode=block x-content-type-options: nosniff > x-frame-options: SAMEORIGIN > > #request GET /login/challenge HTTP/1.1redacted.sitename.io > Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 > Firefox/35.0 > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > en-US,en;q=0.5 gzip, deflate http://redacted.sitename.io/login > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836 > > keep-alive > > #response HTTP/1.1 200 OK nginx/1.6.2 (Ubuntu) Tue, 03 Feb 2015 > 10:47:37 GMT text/html;charset=utf-8 chunked keep-alive no-cache, > no-store, must-revalidate, max-age=0 1; mode=block nosniff > SAMEORIGIN > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836; > path=/; expires=Tue, 03 Feb 2015 10:52:37 -0000; HttpOnly gzip > > > ##Challenge > > #request POST /login/challenge HTTP/1.1redacted.site.io User-Agent: > Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 > Firefox/35.0 Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate > Referer: http://redacted.site.io/login/challenge Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836 > > Connection: keep-alive > > #response HTTP/1.1 200 OK Cache-Control: no-cache, no-store, > must-revalidate, max-age=0 Connection: keep-alive Content-Length: > 0 Content-Type: text/html;charset=utf-8 Date: Tue, 03 Feb 2015 > 10:50:03 GMT Location: http://redacted.site.io/statements Server: > nginx/1.6.2 (Ubuntu) Set-Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836; > path=/; expires=Tue, 03 Feb 2015 10:55:03 -0000; HttpOnly > X-XSS-Protection: 1; mode=block x-content-type-options: nosniff > x-frame-options: SAMEORIGIN > > #Request for /statements #request GET /statements > HTTP/1.1redacted.site.io User-Agent: Mozilla/5.0 (Windows NT 6.1; > WOW64; rv:35.0) Gecko/20100101 Firefox/35.0 Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate > Referer: http://redacted.site.io/login/challenge Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836 > > Connection: keep-alive > > #response HTTP/1.1 302 Found Cache-Control: no-cache, no-store, > must-revalidate, max-age=0 Connection: keep-alive Content-Length: > 0 Content-Type: text/html;charset=utf-8 Date: Tue, 03 Feb 2015 > 10:50:03 GMT Location: http://redacted.site.io/login Server: > nginx/1.6.2 (Ubuntu) Set-Cookie: > ib=0c270113fc19aebbd07dd40bb401a3695d17cd722fa5d0b3743cfb8c7ef87836; > path=/; expires=Tue, 03 Feb 2015 10:55:03 -0000; HttpOnly > X-XSS-Protection: 1; mode=block x-content-type-options: nosniff > x-frame-options: SAMEORIGIN > > ##Redirect GET /login HTTP/1.1redacted.site.io User-Agent: > Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 > Firefox/35.0 Accept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate > Referer: http://boyle.fern.io/login/challenge Cookie: > ib=f7e8f6d4823853063b94e16a1f5252b06b62de621361f67ac6fdeca7259c0ec3 > > Connection: keep-alive > > HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate, > max-age=0 Connection: keep-alive Content-Encoding: gzip > Content-Type: text/html;charset=utf-8 Date: Tue, 03 Feb 2015 > 11:02:06 GMT Server: nginx/1.6.2 (Ubuntu) Set-Cookie: > ib=f7e8f6d4823853063b94e16a1f5252b06b62de621361f67ac6fdeca7259c0ec3; > path=/; expires=Tue, 03 Feb 2015 11:07:06 -0000; HttpOnly > Transfer-Encoding: chunked X-XSS-Protection: 1; mode=block > x-content-type-options: nosniff x-frame-options: SAMEORIGIN I don't see a single session id in any of those requests, other than the "ib" token you said is generated by "the rack" (a load-balancer?). Are you sure you have any session at all? - -chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
