Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Remote Application Platform (RAP) » Multiple RAP Sessions lead to Session Timeout
Multiple RAP Sessions lead to Session Timeout [message #1783730] Fri, 16 March 2018 11:08 Go to next message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
Hi everybody,

i am asking for help, because i ran into trouble with multiple RAP sessions and Jetty handling those sessions in one browser with multiple tabs. Everything works fine if only use one session in one tab, but when i open another tab (same browser) and load the second RAP application the first session gets a Session Timeout ("The server session timed out"). Both RAP applications are running on the same server and are reachable on the same adress with different ports and different servlet paths.

1. RAP Application: 192.168.1.10:8081/test
2. RAP Application: 192.168.1.10:8082/test2

RAP Version: 3.2.0
Jetty Version: 9.4.5
org.eclipse.equinox.http.jetty Version: 3.4.0

http://wiki.eclipse.org/RAP/FAQ#How_to_run_a_RAP_application_in_multiple_browser_tabs.2Fwindows.3F
https://www.eclipse.org/forums/index.php/t/201712/

I already found some information to prevent this "Session Timeout", but those posts and the FAQ entry are relying on RAP 2.1.0.

Is this still the correct way to avoid the "Session Timeout" problem and if yes, are their any limitations for using this?

Thanks for your help!

Regards,
Sebastian

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1783954 is a reply to message #1783730] Tue, 20 March 2018 16:38 Go to previous messageGo to next message
Ivan Furnadjiev is currently offline Ivan FurnadjievFriend
Messages: 2285
Registered: July 2009
Location: Sofia, Bulgaria
Senior Member
Hi,
I can't reproduce it with our online demos:

[1] http://rap.eclipsesource.com/demo/release/controls/
[2] http://rap.eclipsesource.com/demo/release/workbench/

Both apps are running in different tabs without problems. Is this happens in all browsers? Are you using statics? Could you give RAP 3.4 a try?
HTH,
Ivan

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1783983 is a reply to message #1783954] Wed, 21 March 2018 07:38 Go to previous messageGo to next message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
Hey,

thanks for your reply. I tried it with your rap demo apps and they work correctly as you said, but i noticed a difference in networktraffic between those demo apps and my rap applications. I can't determine the cause of the difference, but my apps are placing a cookie containing information like "settingStore=1501825988417_0; JSESSIONID=node010clg1s2ymn7i8ahygqphrdjy0.node0" and those demo apps aren't.

Does rap/jetty recognize the session by reading the JSESSIONID entry of the placed cookie? If yes, why aren't your demo applications using cookies?

This happens with following browsers:
Chrome Version 64.0.3282.186 (64-Bit)
Firefox 59.0.1 (64-Bit)
Internet Explorer 11.0.9600.18860 (64-Bit)

I will give RAP 3.4.0 a try, but sadly i am bound to version 3.2.0 by the project.

Regards,
Sebastian

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1783988 is a reply to message #1783983] Wed, 21 March 2018 08:36 Go to previous messageGo to next message
Ivan Furnadjiev is currently offline Ivan FurnadjievFriend
Messages: 2285
Registered: July 2009
Location: Sofia, Bulgaria
Senior Member
Hi,
the HTTP session is handled by the application container - Jetty in your case. When 2 tabs are used in the same browser, the HTTP session is the same, but we have 2 RAP UI sessions on the server. I don't think that session cookie is a problem here. In order to help you I need at least a simple snippet/project to reproduce the issue.
Regards,
Ivan

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1783990 is a reply to message #1783988] Wed, 21 March 2018 09:22 Go to previous messageGo to next message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
Hi,
i tried the way mentionend in the FAQ entry [1] to configure jetty to not use cookies for session recognition by implementing a jettycustomizer, which is provided by a fragment-plugin and forces jetty to use url recognition. This works fine, but is this really the correct way to achieve what i want?

[1] http://wiki.eclipse.org/RAP/FAQ#How_to_run_a_RAP_application_in_multiple_browser_tabs.2Fwindows.3F

My assumption is that jetty is using the cookie to get/ask for the correct http session (serverside), but there is only one cookie for every host. In my case there are rap-applications running on the same host and everytime i connect to an rap app with the same browser a cookie is placed for the host (app 1 url 192.168.1.10:8081/test -> host:192.168.1.10). If i connect to another session (app 2 url 192.168.1.10:8082/test2 -> host: 192.168.1.10) the host is still the same, but jetty already generated a new sessionid, which is placed as cookie for the same host. So the cookie will be overwritten. After switching to the tab with the first opened rap app jetty will read the sessionid in the cookie and ask the session handler for the correct session, which cant be provided, because the id belongs to the session of the second rap-application and therefore rap signals a session timeout.

Could you give me your thoughts on that and maybe tell me what handler you are using for your rap demo apps?

I forgot to mention that i use RAP in combination with E4 (3.2.0). A snippet/project will be provided as soon as possible.

Regards,
Sebastian

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1783992 is a reply to message #1783990] Wed, 21 March 2018 09:57 Go to previous messageGo to next message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
An example for reproducing the problem can be found at [1].

[1]https://github.com/JayzayGer/rapsessiontimeout-example

Just launch both launch-configs and connect to those apps with the same browser.

Regards,
Sebastian

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1784051 is a reply to message #1783992] Wed, 21 March 2018 23:27 Go to previous messageGo to next message
Chris Fairhall is currently offline Chris FairhallFriend
Messages: 206
Registered: February 2011
Senior Member
So you're running two different instances of Jetty on the same host?
Two different instances can't share the same session cookie, that's a limitation of Jetty (and probably all application servers not in a cluster)
Cookies get shared between services on the same host even if they are on different ports.

You might be able to work around it by having Jetty set the context path in the session cookie, or maybe explicitly setting the port for the session cookie, so it doesn't get shared between the instances.

Edit: another couple of workarounds:
Set up different hostnames in your hosts file pointing to the same IP. Use different names for each instance, that will separate the cookies.

Alternatively, change the session cookie name for one or both Jetty instances
see https://stackoverflow.com/questions/24017645/set-jetty-session-cookie-name-programmatically

[Updated on: Thu, 22 March 2018 01:39]

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1784061 is a reply to message #1784051] Thu, 22 March 2018 07:18 Go to previous messageGo to next message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
Yes, there are two (or more) different instances of jetty running on one host. I tried to your idea of adding additional information to the session cookie name explained in the link you posted and it works like it should. So disabling cookie-session-recognition and customizing the cookie name are valid workarounds and will avoid the problem of session timeout. Hopefully there aren't any negative effects for using this.

Thanks for your help!

Regards,
Sebastian

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1784687 is a reply to message #1784061] Mon, 02 April 2018 12:15 Go to previous messageGo to next message
Dmitry Dukhov is currently offline Dmitry DukhovFriend
Messages: 117
Registered: February 2013
Senior Member
checked the problem for me
exists

fixed for Jetty 9.0.1

WebAppContext context = new WebAppContext();
context.getSessionHandler().getSessionCookieConfig().setName("JSESSIONID_" + Global.xmlConfig.getInt("PORT"));

[Updated on: Mon, 02 April 2018 12:24]

Report message to a moderator

Re: Multiple RAP Sessions lead to Session Timeout [message #1784794 is a reply to message #1784687] Wed, 04 April 2018 08:43 Go to previous message
Sebastian Ganser is currently offline Sebastian GanserFriend
Messages: 6
Registered: August 2014
Junior Member
Which way would you recommend? Both ways (url rewiring instead of cookie[1] and extending the cookie key with port value) work, but i really can't determine the "correct" way. Aren't there any sideeffects for using url rewiring[1] or advanced cookie key? Is the workaround described in the FAQ valid or is this outdated because it aims for RAP 2.1?

[1] http://wiki.eclipse.org/RAP/FAQ#How_to_run_a_RAP_application_in_multiple_browser_tabs.2Fwindows.3F

Regards,
Sebastian

Report message to a moderator

Previous Topic:Help System under 3.4
Next Topic:Loading PDF with PDFBox
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Sep 22 07:23:24 GMT 2018

Powered by FUDForum. Page generated in 0.02341 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly