Chris,
Firstly, thanks for helping out. Here are my responses to your questions. >Are all your customers using Cookies? Yes. However, URL rewriting is disabled. When I turn off cookies in any of my browsers, our website's cart functionality will not work, so if customers are complaining about their cart's being purged in the middle of checkout it is not a cookie issue with their browsers. >Do you ever switch hostnames during any of the website interactions? >That would break your Cookie trail and you would observe the user's >session "disappearing". The same thing can happen if the session cookie >was created using HTTPS and then you switch to HTTP. No we do not switch host names. customers start their sessions in HTTP and switch to HTTPS to complete checkout. Not the other way around. >Can you give us more information about the circumstances? Does it always >happen during a particular page transition? What else do these failures >have in common? It seems to happen during a transition from any one page to another, but losing sessions, primarily interests me when it occurs during the checkout process. we're recording the cart purge on various checkout pages. I don't perceive any particular commonality. At first i thought it was a browser issue, because it was happening to people who use IE 7. However, recently I noticed it occurring to Mozilla Firefox users as well. I have ruled out a browser issue client side as the culprit, especially in light of the fact that this worked fine for years with resin. One thing I have noticed is sometimes, a particular customer would get their cart purged in the middle of a checkout session, and then it would happen to the same customer/IP a few minutes later. This is why i pursued the browser line of thinking, but it doesn't explain why things worked fine for years in resin. Right now I'm pursuing two lines of thinking: 1) somehow tomcat is in fact killing off the session, so on the next request the user get's a new session, thus purging their cart since our cart system uses sessions for storage. 2) somehow amid page redirects, tomcat doesn't get the session ID from the browser and therefore issues to the browser a new session ID, so although the cart exists under the old session object, the user effectively loses their cart by receiving a new session. Do you have any suggestions for me for how to debug this in a finer more controlled fashion? Michael, _________________________________________________________________ Windows Live™ SkyDrive™: Get 25 GB of free online storage. http://windowslive.com/online/skydrive?ocid=TXT_TAGLM_WL_skydrive_042009
