jetty.project icon indicating copy to clipboard operation
jetty.project copied to clipboard

Published 20 hours ago verified publisher icon jetty

Session values are not shared to multiple instances in Persistent HTTP Sessions moudle of Google Cloud DataStore

Open ashraftalib opened this issue 1 year ago • 6 comments
trafficstars

Jetty version(s) Version 12.0.6

Jetty Environment server,http,sessions,ee8-deploy,ee8-jsp,session-store-gcloud

Java version/vendor Java 21 OS type/version Linux

Description Using docker file and enabling the persistence session in Google AppEngine with session-store-gcloud moudle for session values are not shared with another instance in Google AppEngine flex.

How to reproduce? I am using commands form the Dockerfile : https://github.com/jetty/jetty.docker/tree/master/eclipse-temurin/12.0/jdk21

Below is sample snippet of my docekrfile for adding the moudles: server,http,sessions,ee8-deploy,ee8-jsp, session-store-gcloud. GCP datastore session to deploy the war file as

WORKDIR $JETTY_BASE COPY docker-entrypoint.sh generate-jetty-start.sh / COPY ./sample.ini $JETTY_BASE/start.d/sample.ini COPY ./sample.properties $JETTY_BASE/webapps/sample.properties COPY ./sample.war $JETTY_BASE/webapps/sample.war COPY ./id-manager.xml $JETTY_HOME/etc/sessions/id-manager.xml

USER jetty EXPOSE 8080 ENTRYPOINT ["/docker-entrypoint.sh"] CMD ["java","-jar","/usr/local/jetty/start.jar"]

sample.ini has all configurations for - ee8-deploy,ee8-jsp,session-store-gcloud as below

--modules=ee8-deploy --modules=ee8-jsp

--modules=sessions --module=session-store-gcloud

I am able to use Module for Persistent HTTP Sessions: Google Cloud Datastore Successfully. And GCloudSession entities are saved with the attributes as

Name/ID | accessed | attributes | contextPath | cookieSetTime | createTime | expiry | id | last Accessed | lastNode | lastSaved | maxInactive | vhost

I am running my service on two instances there may be chance to many instance (autoscaling mode). There is an issue of HTTP Sessions are not shared with another instance.

**Scenario: **

If suppose a user is opening a url link(page) and have not login or session in app. Initially there is no session of a user at that time app saves this page url in session and redirect to login the app with this session values on one instance after login there is user's session and that url value also so for opening this page it will redirect the user with same page and now this page opens in other instance but there is user's login session already(in gcp-datastore) and not able to open the url(page) and this page again asks the user to login. Even user has already login in on instance and saved all values in session.

Example suppose one instance: aef-default-206-7b0n have no session value then it will save the page link in session (gcp datastore on this node) and redirect to login and save all user's details in session (gcp datastore) on the node aef-default-206-7b0n and at same time there is a url in session, which has to be open the same page after login to app and it will redirect to that url(page) on any node if we have a persistence session. Now the url is opening in other instance: aef-default-206-7z0b and this instance page is showing there is no login session (Even there is already a persistence session through gcp data-store) and it again redirect the user to login the app. Even user has already login on the first instance. Why this session is not shared to other instance with updates the attributes for both nodes.?

This behaviour occurred sometime and sometimes it works fine and user able to open the url on second instance with shared session values.

Is there something is missing in my app configuration for session module to GCP datastore ? I want session should be shared and updated on both nodes(instances) so it should not come the login page if a user already login and saved session for any node.

Please help me what should I have to do?

ashraftalib avatar Jul 30 '24 11:07 ashraftalib

IIRC in the flex/appengine environment there is no sticky loadbalancer, and the NullSessionCache is used by default by the google code. That being the case, writes of the session to gcloud-datastore occur in any order, there's no guarantee that a write on one node will be seen by another node. See https://jetty.org/docs/jetty/12/operations-guide/session/index.html#clustering-without-a-sticky-load-balancer.

Of course, things may have changed and @lachlan-roberts may have more up-to-date information.

janbartel avatar Jul 31 '24 22:07 janbartel

@janbartel It means, I have to configure the session-cache-null module for achieving the session available on nodes so that no login occurred and url(page) will open on 2nd node if user has logged in already on first node.

So, by using session-cache-null.ini with attribute values as below will be right configuration?

jetty.session.saveOnCreate=true jetty.session.removeUnloadableSessions=true jetty.session.flushOnResponseCommit=true

Please let me know. Or I have to do something else?

ashraftalib avatar Aug 01 '24 03:08 ashraftalib

@ashraftalib certainly those values would be good to set.

janbartel avatar Aug 02 '24 06:08 janbartel

Hi @janbartel, by applying the settings below with uploading a session-cache-null.xml in $JETTY_HOME/etc/sessions/session-cache-null.xml with default value true as in given xml file

<Call name="addBean">
    <Arg>
      <New class="org.eclipse.jetty.session.NullSessionCacheFactory">
        <Set name="saveOnCreate"><Property name="jetty.session.saveOnCreate" default="true" /></Set>
        <Set name="removeUnloadableSessions"><Property name="jetty.session.removeUnloadableSessions" default="true" /></Set>
        <Set name="flushOnResponseCommit"><Property name="jetty.session.flushOnResponseCommit" default="true" /></Set>
      </New>
    </Arg>
  </Call>

and in application.ini with these configs jetty.session.saveOnCreate=true jetty.session.removeUnloadableSessions=true jetty.session.flushOnResponseCommit=true

sometime, I am still getting no session attribute value on other node even already login with some attribute values in session.

@janbartel can you let me know what is wrong in the above configuration? Or should I have to do something else ?

Thanks

ashraftalib avatar Aug 16 '24 13:08 ashraftalib

I think you are going to have to enable debug logging for org.eclipse.jetty.session and org.eclipse.jetty.ee8.nested.SessionHandler on the server side, and also look at the http dialog between your client and the server(s). It might be that the client is not presenting the JSESSIONID cookie to the second server.

janbartel avatar Aug 19 '24 01:08 janbartel

Also make sure you are on at least 12.0.11 as issue https://github.com/jetty/jetty.project/issues/11745 may have a bearing on your problem.

janbartel avatar Aug 19 '24 08:08 janbartel

This issue has been automatically marked as stale because it has been a full year without activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] avatar Aug 22 '25 00:08 github-actions[bot]

This issue has been closed due to it having no activity.

github-actions[bot] avatar Oct 16 '25 00:10 github-actions[bot]