session maintenance across two web-servers with loadbalancer
Joined: Oct 21, 2008
I have two web-servers, both the web-server has its own load balacer, now my problem is when i move from server1 to server2 and back to server1 session is not getting maintained, rather it creates a new session, hence all my session values are lost.
Eg.. I move from weblogic to iplanet server and from iplanet whn am returning back to weblogic i dont see the initial session values, rather it goes null. it works perfectly if there is no load balacer.
Why there is an issue with load balancer? how to fix it? please advise
the reason why the session management doesn't work by default is simple. If you use a load balancer it decides for each request from a client (= browser) to which web server this request should be forwarded. The HTTP session management is usually done by the web servers and each web server only knows about its own sessions but not the sessions from your other web servers.
Now you can easily imagine a situation where the client request is forwarded to web server A which creates a session for this particular client. If the load balancer decides to redirect a subsequent request from the same client to web server B this web server doesn't know anything about the session web server A tries to maintain. So web server B thinks you request comes from a new client and creates a new session which in turn is only known to this one and only web server B. You understand?
Basically there are two or three solutions (in my opinion) to this problem:
1.) You have a load balancer which can handle HTTP sessions so that subsequent requests which belong to a particular session always get forwarded to the same web server. Because all requests specific to one client are forwarded to the same web server this scenario looks for each client like there would be only one web server. With this solution if a web server crashes you usually lose all the sessions which were handled by this web server. Normally this isn't a big deal but you should keep it in mind if you have to provide really high availability.
2.) The second solution would be to have a cluster of web servers (or possibly application servers) which use something like session migrating in Tomcat so that each server knows about all sessions. There has to be some mechanism to replicate each new session to all servers of the cluster though. I think this is very specific to the server product you are using. For this it may be a problem if you have a heterogenous cluster with completely different servers. Ordinary web servers probably don't have such a replication mechanism at all. Or you possibly have servers which can be configured to use a shared storage for the session data. Anyway because session data are shared between all servers it usually doesn't matter if you lose one server because of hardware defect or something like this.
3.) If it's possible to uniquely identify a client in any even without real HTTP session (for example because of some information encoded in the URL etc.) you could completely manage session data "by hand" in your web application and use a shared storage like a network share or database server to make session data accessible to all web servers. But I think this solution isn't very good and only an option if there's really no other way.
I hope know it's a little bit clearer although I can't tell you any details about weblogic or iplanet.
Marco [ October 22, 2008: Message edited by: Marco Ehrentreich ]