The originating address IS the same? You said it
wasn't...
Here's an idea:
the original computer browser was never shut down. As a
result, the session cookie in the browser still contains the
session id. Because the time limit has expired, a "new"
session is created on the "new" server, but it uses the
session id passed to it by the browser from the previous
session.
Test: start a session in a browser. Wait an hour.
Hit reload. See what the session id is. (I could
have sworn we tested this, though, and Resin
created a new session id when we did this)
Azinger, Eric wrote:
> Greetings,
> On our site we log a variety of information about our visitors. Recently we
> have seen many instances in which duplicate session ids are appearing. We
> have a simple bean that pulls the session id along with other basic info and
> shoves it into our database. These duplicate session ids are being logged
> on different dates and from different servers in our cluster. Due to the
> size of the session id and the way they are generated, this much duplication
> should not be happening. The only commonality that we can find is that the
> originating address of the request will stay the same. It appears that
> somehow the session ids are being cached, but I have no idea how this is
> happening. Any ideas?
> Thanks,
> Eric
>
>
> .
>
Received on Wed 03 Apr 2002 08:43:18 -0800
This archive was generated by hypermail 2.1.8 : Thu Sep 28 2006 - 20:17:00 PDT