views:

52

answers:

3

In my website, some of users complain about problems in logging in.

Their browsers generally don't see session info and cannot understand that the user is logged in, and behave like never logged in. But after some refresh, browser see session info and show the user as logged in normally. Again, if the user try to do some action( like writing a message) browser again loose the session info and redirect to the login page. The situation continues like that.

Browser security options, cookie options of the user's computer are all the same as mine.

I never face such a problem but they do.

How can i solve the problem, actually how can i see,understand the problem?

Thanks.

A: 

is your server load balanced? I had this problem recently were users of one of our old sites were temporarily "losing" their logged in state.

We found that the loadbalancer wasn't implementing sticky sessions properly so people were jumping between servers and because the site was using server sessions, instead of database sessions, people were effectively logged out on one server but logged in on the other...

gavtaylor
thanks but , no there is no load balancing
Sticky sessions suck - they totally undermine the HA reasons for using a load balancer
symcbean
+1  A: 

Since you seem to be unable to reproduce the problem, and getting to their machine may not be an option, you could potentially have them run something like Fiddler (ie), Firebug (firefox), etc, then send you the logs.

As gavtaylor suggested, I'd be suspicious of a load balancer, proxy, or otherwise.

Matt
Thanks for correcting that AlexV. It wouldn't let me add both links in (properly) as it gave me some error about the possibility of spam (I suppose due to the fact that I'm just getting started here - offering some answers). /shrug
Matt
+1  A: 

The usual recipe is:

  • try to reproduce the problem
  • if this fails add more logging
  • if still not clear, then debug the code

Assuming the first one has failed, then you might want to start logging the value of the session cookie

Superficially, this sounds like a caching issue.

symcbean