Sessionstate server (webfarm) environment, user sessions get mixed up

Question

Hi all,

I've got a strange problem. Let me first describe my situation:

• Webserver01 (Webapplication, SQL, SessionState Service)
• Webserver02 (Webapplication)

Both webservers are load balanced using NLB.

Now comes the problem. Very, very, very incidental a logged in user, some how gets the session from a completely different user. How do we noticed? We got a call from one of our customers, telling that he suddenly has access to anothers customers profile..!!

To eliminate the Sessionstate, we're going to take Webserver02 offline and disable SessionState and put it InProc.

But my main question here is that i've noticed that both webservers have different date-time! The difference is only a few minutes, sloppy, but true. Could this also be the cause of user Sessions getting mixed up? Anyone expirenced similiar problem(s) with SessionState service?

Many thanks in advance.

Answer 1

I've had a similar situation in the past. In my situation a developer (not me honestly) had created a single static database connection in our Data Access layer which caused random issues, very similar to the one your experiencing. Can you confirm that you've got no static database connections?

I.E.,

private static SqlConnection m_Connection;

Answer 2

Still didn't found the problem. Although it hasn't occurred anymore. We've drasticly cleaned our code... that might did the trick...