Wir haben immer wieder das Problem, dass Benutzer mitten in der Arbeit am Web Client ausgeloggt werden. Das Problem scheint daran zu liegen, dass die User über NAT und Loadbalancing über verschiedene Gateways kommen. Dabei kann es passieren, dass ein User, der ursprünglich mit der IP des NAT-Gateway A kam, plötzlich über Gateway B kommt.
Bei den Sessions wird offenbar überprüft, ob die IP gleichgeblieben ist, ansonsten wird die Session beendet. Kann man diese Funktion irgendwie abschalten?
There is no switch to turn this security feature off, and switching off security features should be the very last step in order to make something work. Couldn't those load balancer be configured for session stability? I mean this issue won't only occur with OX but also other network/webservices.
Last edited by Martin Heiland; 07-07-2009 at 06:17 PM.
Just an idea, does this also happen when using SSL?
Yes, it is happening as well when we use SSL. The Gateway-Loadbalancing of course keeps users persistent on the line that they initially got, but it is a bunch of lines and often enough one of the connections drops and the users get rearranged on the remaining lines.
Okay i understand the issue. If a connection drops, the session gets lost - that's a fact for most web applications or network services. When the connection of the current session goes away, the session is still alive for a timeout of about 6 hours. If no new requests are sent to the server with that session it will time out automatically. It would be careless if we would trust a user who is connecting to an existing session through another connection.
In your case the connection drops about every hour which means that 6 sessions per user are idle during work time. I don't know the size of your installation but 6 idle session don't require much resources. The biggest problem is that the user needs to login again, but sadly there is nothing we can do about network connection interruptions.