Java multiple HttpSession IDs for the same user

Question

I have some problem with sessions. When I try my project from local sources and refresh several times a JSP that contains the following code:

<h1>Session ID=<%=session.getId()%></h1>

It always display the same ID. Alright.

The problem is I have deployed the project in a remote server and when I reload the same JSP, it returns me a different session ID every time I refresh the page.

The remote server is using https (SSL certificate) and a NGINX reverse-proxy (if this information helps...).

What am I doing wrong?

Any extra information needed, please tell me and I will give it to you.

PS. More information: if I access to the remote server using its IP and port, it seems that works, giving me the same session ID every time I refresh the page.

score 1 · Accepted Answer · answered Jul 19 '19 at 13:52

I have solved this modifying some config files in NGINX and Tomcat.

In NGINX, I have deleted the proxy-cache lines I've written in the server configuration.

In Tomcat, I have set context.xml as follows:

<Context path="/" 
         reloadable="false" 
         override="true" 
         useNaming="false" 
         allowLinking="true" 
         useHttpOnly="false" 
         sessionCookiePath="/" 
         sessionCookiePathUsesTrailingSlash="false"/>

And it works! :)

Java multiple HttpSession IDs for the same user

1 Answers1