-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Jon,
On 2/11/20 2:35 PM, exabrial wrote: > https://stackoverflow.com/questions/59833043/tomcat-logs-user-out-duri ng-session-failover-event-and-restarts > > > > We've implemented session replication using Redisson, but we noticed > that if we intentionally fail a node, the user's sessions do get > replicated, but they're logged out when they're restored on the new > server. What exactly do you mean when you say "logged-out"? > Is there a way to make this work properly so the user doesn't get > logged out during a failover event? > > Most /More importantly, is there a technical or security reason for > this? FYI the servlet specification does not guarantee that <distributable> web applications also transfer authentication information. > If you look at the Tomcat code, they actively try and avoid > serialization the Security Principal: > > https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/ session/StandardSession.java#L1559 > > https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/se ssion/StandardSession.java#L234 That code is for serializing the whole session, not transmitting session information between cluster nodes. You need to read the code for the various ClusterManagers and (more importantly), the DeltaSession class. Which SessionManager are you using? If it's one from Redisson, then you should look at their code and not Tomcat's code. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl5DKmgACgkQHPApP6U8 pFj5fA/+MtxPWjtoiRCcfPJSvjdZjjZA1PbiTPSxXqtizg17071kQJVXy3GONP6O AONwDkm/+2yNo6RJvRH2WW5qLZgX9FvNekUVkDeM+MvNOwszqAx/doXgCwO1ljy3 Dv1uOgWCGE2ktAig3Cul9BICGmq6hhcfI9yT0oicrrxKI9njpVKhhJijLvJEZNFp GeSwU2QMRR25asinBvCJ2L6wMFM5ppXjpwoWVvI1G+UlFYEUOZAAlNAsq/Dblmuo 45GrNQdw2LyKfjt/lLaQrjEOx3KoHtfIKBOxSBgwJFykx/w3RmoEXONrwj6tuTyG HVSvLITH0rky301YvXPqrEAseW0816grwbCkP1HrmDfbpVCQ/1QUb+ceKEHzLuOr 8XPha3M0xDhFF9daEqJcYurcIC6NCMy0UuvaSfvh3ICy/RFL2K4Sql9SRGnj4eLV 8QJTMHgKDD3Gie2wHr9gYDwj7gtkjHGJrMyCNOh1bTNSQKkabFlsUL1uiEOJ0QgR EkLketZAhWNGMiaS4X41jtqQymL5zJI7P7KqGy0LmuZErZt6qot/5If0osgnl1V+ wjP6YjBU2i9YajNJB57JFtx3AkCRXUXZm4vAQnG8v//ECsWOrggdlQvF+W5r2mXr 50z5n2LUbUrKTX9N3ailoNczmZ/MyEhUhyTT7xmqSjLXtlFPO7g= =UkyD -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
