Stuart Douglas resolved WFLY-6543.
----------------------------------
Resolution: Rejected
This appears to be a fundamental limitation of SSL session tracking with modern browsers.
Multiple Sessions are created over SSL Session Tracking
-------------------------------------------------------
Key: WFLY-6543
URL: https://issues.jboss.org/browse/WFLY-6543
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Affects Versions: 10.0.0.Final
Environment: oracle java version "1.8.0_74"
Reporter: Pradeep Kumar
Assignee: Stuart Douglas
Labels: session, ssl
Attachments: SessionTrackingSsl.war
When using SSL as the session tracking method, there are multiple sessions created for
subsequent HTTP requests, some of which are reused.
This is the log obtained by using a filter to track the HTTP Sessions:
{noformat}
14:08:45,766 INFO [com.test.SessionIdTrackFilter] (default task-17) Request URL : [/SessionTrackingSsl/], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP]
14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-20) Request URL : [/SessionTrackingSsl/resources/css/font-awesome.min.css], Session Id : [uljMhXUsAK1BXXXmnmXzAD4EkFgFZn30I-wsFajD]
14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-16) Request URL : [/SessionTrackingSsl/resources/js/jquery/jquery-1.12.3.min.js], Session Id : [SBZeTDPKSxLbgcwR_zCazx5heXwssOvrjSVI0sJV]
14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-18) Request URL : [/SessionTrackingSsl/resources/css/bootstrap.min.css], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP]
14:08:45,785 INFO [com.test.SessionIdTrackFilter] (default task-16) Request URL : [/SessionTrackingSsl/resources/js/bootstrap.min.js], Session Id : [FETLRFRjQyjzktTUi29hTe3tqimJnGEgdpHZGu6e]
14:08:45,787 INFO [com.test.SessionIdTrackFilter] (default task-19) Request URL : [/SessionTrackingSsl/starter-template.css], Session Id : [eHGhpdreJJv8RKTmZul3hKXjORhAp8GIqJktTmgh]
14:08:45,814 INFO [com.test.SessionIdTrackFilter] (default task-26) Request URL : [/SessionTrackingSsl/resources/fonts/fontawesome-webfont.woff2], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP]
{noformat}
I have made the following changes to the standalone.xml to enable SSL:
diff ../standalone/configuration/standalone.xml ../standalone/configuration/standalone_xml_history/standalone.initial.xml :
{noformat}
1c1
< <?xml version='1.0' encoding='UTF-8'?>
---
> <?xml version="1.0" ?>
4d3
<
33,34d31
<
<
47,51d43
< <server-identities>
< <ssl>
< <keystore path="testks.keystore"
relative-to="jboss.server.config.dir" keystore-password="Password"
alias="testks" key-password="Password"/>
< </ssl>
< </server-identities>
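Review bot: the keystore element in this hunk carries keystore-password and key-password as cleartext literals in standalone.xml, and both are set to the value "Password". Use a strong secret that is not shared between the store and the key, supply it through the WildFly vault instead of a literal attribute value, and restrict read access to the configuration directory that holds standalone.xml and testks.keystore.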
89d80
<
188a180
> <!-- Automatically configure pools. Alternatively,
max-pool-size can be set to a specific value -->
206c198
< <remote connector-ref="https-remoting-connector"
thread-pool-name="default"/>
---
> <remote connector-ref="http-remoting-connector"
thread-pool-name="default"/>
305c297
< <http-connector name="https-remoting-connector"
connector-ref="default-https" security-realm="ApplicationRealm"/>
---
> <http-connector name="http-remoting-connector"
connector-ref="default" security-realm="ApplicationRealm"/>
360c352
< <https-listener name="default-https"
security-realm="ApplicationRealm" socket-binding="https"/>
---
> <http-listener name="default"
socket-binding="http" redirect-socket="https"/>
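Review bot: the https-listener on the "<" side of this hunk sets only name, security-realm and socket-binding, so the accepted protocol versions and cipher suites are left to the defaults of the JVM in use (Java 1.8.0_74 per the Environment field). Set enabled-protocols and enabled-cipher-suites on the listener explicitly so the TLS configuration is stated in the file and does not change with the runtime.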
391d382
<
400d390
<
{noformat}
Apart from this, I have not made any changes to any of the configuration files. When the
tracking method is set to COOKIE, the session ids are consistent.
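
An added example, not part of the original report: a small Python check that rejoins mail-wrapped SessionIdTrackFilter log lines and groups request URLs by session id, to show how many distinct ids a single page load produced. The sample log is constructed (ids and URLs are made up) and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the filter's log format; ids and URLs are made up.
# Some records are wrapped the way a mail client wraps them.
SAMPLE = """\
10:00:00,001 INFO [com.test.SessionIdTrackFilter] (default task-1) Request URL :
[/app/], Session Id : [AAAA]
10:00:00,020 INFO [com.test.SessionIdTrackFilter] (default task-2) Request URL :
[/app/site.css], Session Id :
[BBBB]
10:00:00,021 INFO [com.test.SessionIdTrackFilter] (default task-3) Request URL : [/app/site.js], Session Id : [AAAA]
10:00:00,500 INFO [org.example.Other] (default task-4) unrelated line
"""

RECORD_START = re.compile(r"^\d{2}:\d{2}:\d{2},\d{3}\s")
ENTRY = re.compile(
    r"^\S+\s+\w+\s+\[[\w.]*SessionIdTrackFilter\]\s+\([^)]*\)\s+"
    r"Request URL\s*:\s*\[(?P<url>[^\]]*)\],\s*Session Id\s*:\s*\[(?P<sid>[^\]]*)\]"
)

def rejoin(text):
    """Merge continuation lines into the timestamped record they belong to."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def sessions_by_id(text):
    """Map each session id to the request URLs logged under it."""
    seen = defaultdict(list)
    for record in rejoin(text):
        m = ENTRY.match(record)
        if m:  # lines from other loggers are ignored
            seen[m.group("sid")].append(m.group("url"))
    return dict(seen)

def report(text):
    """Return (distinct ids, total requests, ids that served exactly one request)."""
    seen = sessions_by_id(text)
    total = sum(len(urls) for urls in seen.values())
    single_use = sorted(sid for sid, urls in seen.items() if len(urls) == 1)
    return len(seen), total, single_use
```

A page load whose requests all share one session should report a single distinct id; any larger count means the requests were not tied to the same session.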