-
Bug
-
Resolution: Obsolete
-
Major
-
None
-
7.0.2.GA, 7.1.0.DR10
When using a clustered environment there is a situation in which you can have a request infinitely bounce around the cluster. This occurs when you get a session ID with the jvmRoute of one node going to a different node in the cluster. The new node looks up the jvmRoute of the old node and reassigns it to the session ID so that the next request made goes back to the original server. This behavior results in a particularly bad situation when (for example) a node is taken out of the rotation of the load balancer, but the user keeps using the session ID. When a new node get a session with the jvmRoute of the now-removed node, it doesn't update it and tries to route the request back to the node that has been removed. This will continue until the session expires, but only happens when using the dist mode infinispan cache for jbossweb.
Version-Release number of selected component (if applicable):
The DistributedCacheManager code has been the same since EAP 6.0.
How reproducible:
Every time.
Steps to Reproduce:
1. Set up two nodes using standalone-ha.xml
2. Deploy an application that requires a session ID
3. Make a request to the first node and copy the JSESSIONID value with jvmRoute
4. Use that cookie to make a request to the second node and observe the set-cookie that get's returned (it has the original nodes jvmRoute appended).
I'm attaching a zip that you can unzip into a default EAP distribution and run the reproducer.sh script. It assumes that you have gnome-terminal and curl installed, but provides the config and app to test with.
Actual results:
The jvmRoute of the node that generated the cookie is returned.
Expected results:
The jvmRoute of the current node that is servicing the request is returned.
Additional info:
We think that this was an optimization to save a network call, but it has very bad behavior when the originating node is still in the cluster, but no longer receiving traffic. I've done a substantial bit of tracing on this issue and see that the where the problem originates is in the locate method (lines 435-452) of the jboss-as/clustering/web-infinispan/src/main/java/org/jboss/as/clustering/web/infinispan/DistributedCacheManager.java code.
- blocks
-
JBEAP-5869 [GSS](7.0.z) Using Infinispan in Distribution Mode for JBossWeb breaks session stickiness
- Closed
- is blocked by
-
WFLY-6944 Encode session affinity using multiple routes, if supported by the load balancer
- Closed
- relates to
-
JBEAP-14797 [GSS](7.2.z) A JSESSIONID's jvmRoute is forced to the original owner with a repl cache
- Closed