We are facing issues on session sharing in jboss server.
A user logged in the application and seeing different username instead of his username and the data displayed are not belonging to the current user. He tried to re-login and now able to see the correct username and data. This is happening now and then, very often when the servers are restarted.
· We have four servers to serve (jboss-eap-4.3) and running in default configuration. This is deployed as “ear”. We are using JBOSS seam framework for this application.
· F5 load balancer which takes care of routing requests to the four jboss servers. This uses sticky session concept(one server – one client for entire session concept).
We suspected the jboss could be reusing the jsessionid. We the set emptySessionPath="true" in web deployer’s server.xml to avoid session reused.This is per links mentioned below. Still the issue is resurfacing.
Reference URLs for session reuse:
Thought of browser issue but it is not a browse issue.
Generally it is not replicable. But happening once in a while and causing confusion to the users. Not sure whether something do with F5 or jboss server. Please post your thoughts.
You help would be highly appreciated. Please let me know if you need any more information in this regard.