web farm session sharing

Discussion in 'ASP .Net' started by =?Utf-8?B?RGFuaWVs?=, May 14, 2004.

  1. Hi

    I am having a problem sharing session between SSL and non-SSL asp.net pages
    I have F5 BigIP with sticky sessions working fine, but the problem is tha
    sticky session applies at the port level (80 vs. 443) so when a user goes t
    a SSL page I lose session vars because it's on another server on the farm
    When the user stays on the same server for both non-SSL and SSL the sessio
    is shared OK

    Has anyone come across this problem and are there any work arounds

    Thanks

    Danie
     
    =?Utf-8?B?RGFuaWVs?=, May 14, 2004
    #1
    1. Advertising

  2. =?Utf-8?B?RGFuaWVs?=

    Doug Perkes Guest

    Daniel,

    The best way to get around this is to use a Session State server. You can
    either store the sessions in a state server or in SQL Server. You could even
    define one of your web servers as the state server for the farm. I've had
    good experience using SQL Server session state but not the state server. The
    best part about is is that you can disable sticky sessions -- they are no
    longer needed. By disabling sticky sessions, you make your system more fault
    tolerant becuase a web server can go down without losing any session
    information.

    For more information see:

    ASP.NET Session State
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspnet/html/asp12282000.asp

    HTH,

    Doug


    "Daniel" <> wrote in message
    news:...
    > Hi,
    >
    > I am having a problem sharing session between SSL and non-SSL asp.net

    pages.
    > I have F5 BigIP with sticky sessions working fine, but the problem is that
    > sticky session applies at the port level (80 vs. 443) so when a user goes

    to
    > a SSL page I lose session vars because it's on another server on the farm.
    > When the user stays on the same server for both non-SSL and SSL the

    session
    > is shared OK.
    >
    > Has anyone come across this problem and are there any work arounds?
    >
    > Thanks,
    >
    > Daniel
    >
     
    Doug Perkes, May 14, 2004
    #2
    1. Advertising

  3. I did look into session state, but the issue is the same that once the user goes from SSL to non-SSL a new session is started under SSL

    Thanks
    ----- Doug Perkes wrote: ----

    Daniel

    The best way to get around this is to use a Session State server. You ca
    either store the sessions in a state server or in SQL Server. You could eve
    define one of your web servers as the state server for the farm. I've ha
    good experience using SQL Server session state but not the state server. Th
    best part about is is that you can disable sticky sessions -- they are n
    longer needed. By disabling sticky sessions, you make your system more faul
    tolerant becuase a web server can go down without losing any sessio
    information

    For more information see

    ASP.NET Session Stat
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspnet/html/asp12282000.as

    HTH

    Dou


    "Daniel" <> wrote in messag
    news:..
    > Hi
    >> I am having a problem sharing session between SSL and non-SSL asp.ne

    pages
    > I have F5 BigIP with sticky sessions working fine, but the problem is tha
    > sticky session applies at the port level (80 vs. 443) so when a user goe

    t
    > a SSL page I lose session vars because it's on another server on the farm
    > When the user stays on the same server for both non-SSL and SSL th

    sessio
    > is shared OK
    >> Has anyone come across this problem and are there any work arounds
    >> Thanks
    >> Danie

    >
     
    =?Utf-8?B?RGFuaWVs?=, May 14, 2004
    #3
  4. One option is storing the session information in a central location that
    all the servers have access to. ASP.NET supports dedicating a
    centralized session state server, or storing the session state in Sql
    Server. See this article:

    http://msdn.microsoft.com/library/en-us/dnaspp/html/aspnetsessionstate.asp

    I've yet to try this in a production evironment though, so I'm not sure
    how well it really scales.

    -Jason


    Daniel wrote:
    > Hi,
    >
    > I am having a problem sharing session between SSL and non-SSL asp.net pages.
    > I have F5 BigIP with sticky sessions working fine, but the problem is that
    > sticky session applies at the port level (80 vs. 443) so when a user goes to
    > a SSL page I lose session vars because it's on another server on the farm.
    > When the user stays on the same server for both non-SSL and SSL the session
    > is shared OK.
    >
    > Has anyone come across this problem and are there any work arounds?
    >
    > Thanks,
    >
    > Daniel
    >
     
    Jason DeFontes, May 14, 2004
    #4
  5. =?Utf-8?B?RGFuaWVs?=

    Doug Perkes Guest

    Daniel,

    It is most likely that a new session is being started becuase the user is
    getting sent to a new server. Since the new server doesn't recognize the
    session id being sent to it, the web server creates a new session for the
    user.

    Since the user is being moved from HTTP (port 80) to HTTPS (port 443) the
    load balancer treats it as new user and sends it to an arbitrary server.

    -- doug

    "Daniel" <> wrote in message
    news:...
    >
    > I did look into session state, but the issue is the same that once

    the user goes from SSL to non-SSL a new session is started under SSL.
    >
    > Thanks,
    > ----- Doug Perkes wrote: -----
    >
    > Daniel,
    >
    > The best way to get around this is to use a Session State server. You

    can
    > either store the sessions in a state server or in SQL Server. You

    could even
    > define one of your web servers as the state server for the farm. I've

    had
    > good experience using SQL Server session state but not the state

    server. The
    > best part about is is that you can disable sticky sessions -- they

    are no
    > longer needed. By disabling sticky sessions, you make your system

    more fault
    > tolerant becuase a web server can go down without losing any session
    > information.
    >
    > For more information see:
    >
    > ASP.NET Session State
    >

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspnet/html/asp12282000.asp
    >
    > HTH,
    >
    > Doug
    >
    >
    > "Daniel" <> wrote in message
    > news:...
    > > Hi,
    > >> I am having a problem sharing session between SSL and non-SSL

    asp.net
    > pages.
    > > I have F5 BigIP with sticky sessions working fine, but the problem

    is that
    > > sticky session applies at the port level (80 vs. 443) so when a

    user goes
    > to
    > > a SSL page I lose session vars because it's on another server on

    the farm.
    > > When the user stays on the same server for both non-SSL and SSL the

    > session
    > > is shared OK.
    > >> Has anyone come across this problem and are there any work

    arounds?
    > >> Thanks,
    > >> Daniel

    > >
     
    Doug Perkes, May 14, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Robby van Damme
    Replies:
    0
    Views:
    1,326
    Robby van Damme
    Aug 8, 2003
  2. =?Utf-8?B?TGVhcm5pbkd1cnU=?=

    Session TimeOut and Web Farm

    =?Utf-8?B?TGVhcm5pbkd1cnU=?=, Jun 28, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    491
    =?Utf-8?B?TGVhcm5pbkd1cnU=?=
    Jun 28, 2004
  3. David
    Replies:
    6
    Views:
    460
    Girish Bharadwaj
    Sep 14, 2004
  4. Session lost in web Farm

    , May 17, 2006, in forum: ASP .Net
    Replies:
    7
    Views:
    701
    Rodrigo Diniz
    May 18, 2006
  5. wdudek
    Replies:
    10
    Views:
    1,609
    Steven Cheng
    Mar 5, 2008
Loading...

Share This Page