[mod_cluster-issues] [JBoss JIRA] (MODCLUSTER-268) emptySessionPathed JSESSIONID.jvmRoute cookies results in requests being improperly sent to mod_cluster workers
Michal Babacek (JIRA)
issues at jboss.org
Fri Aug 8 06:28:49 EDT 2014
[ https://issues.jboss.org/browse/MODCLUSTER-268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michal Babacek closed MODCLUSTER-268.
-------------------------------------
Closing. Clean-up.
At least one of the following applies:
* the issue has been thoroughly tested as a part of one of the current releases
or
* it hasn't occurred in ~2 years
or
* it's utterly harmless
> emptySessionPathed JSESSIONID.jvmRoute cookies results in requests being improperly sent to mod_cluster workers
> ---------------------------------------------------------------------------------------------------------------
>
> Key: MODCLUSTER-268
> URL: https://issues.jboss.org/browse/MODCLUSTER-268
> Project: mod_cluster
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: MOD_CLUSTER_1_0_10_GA_CP01
> Environment: JBoss EAP 5.1.1
> EWS 1.0.2
> MOD_CLUSTER 1.0.10.GA_CP01
> Reporter: Aaron Ogburn
> Assignee: Jean-Frederic Clere
> Priority: Minor
> Fix For: MOD_CLUSTER_1_0_10_GA_CP03
>
>
> Empty session paths can result in requests being sent to mod_cluster workers that shouldn't be. For example, if a request for apache-served static content has an applicable JSESSIONID (either because the path matches the context or its an empty path and matches everything) with a route valve appended to it, then the static content request is directed to the mod_cluster balancer, resulting in 503s and "All workers are in error state".
> So it looks like the presence of a jsessionid.jvmroute cookie causes apache/mod_cluster to improperly route the request even if its a context not handled by any mod_cluster workers.
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the mod_cluster-issues
mailing list