Participant

Question

Server.Processing.DuplicateSessionDetected

Forum|Forum|16 years ago
September 2, 2009
8 replies
35284 views

Hi,

I am using BlazedDS remote objects in my application and following is the error I am getting.

faultCode:Server.Processing.DuplicateSessionDetected

faultString:'Detected duplicate HTTP - based FlexSessions, generally due to the remote host disabling session cookies. Session coolkies must be enable to manage the client connection correctly.'

faultDetail: 'null'

Along with this error I also get the following error most times.

faultCode:Server.Processing

faultString:'There was an unhandler failure on the server. The FlexSession is invalid.'

faultCode:'null'

My environment for the application is as follows:

Server - Websephere v6.1

Browser - IE 6, Mozilla 3.x. I have tried on both the browsers and it occurs in both of them.

Flex - Flex SDK - 3.2

Java - Java 5.0

My application is as follows:

I have configured BlazedDS on the server side to access remote objects to get data onto the client which is written in Flex/ActionScript.

when i run the application it seems to run fine. But at times the above error occurs. I am unable to reproduce this error AT WILL. I am not sure about the reason that this error seems to occur.

I have attached the config files for my application. The limit being 3 files the one remaining services-config.xml is as below:

<?xml version="1.0" encoding="UTF-8"?>
<services-config>

        <channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel">
            <endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
            <properties>
                <polling-enabled>false</polling-enabled>
            </properties>
        </channel-definition>

<channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
            <endpoint url="https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
            <properties>
                   
                <add-no-cache-headers>false</add-no-cache-headers>
            </properties>
        </channel-definition>

        <channel-definition id="my-polling-amf" class="mx.messaging.channels.AMFChannel">
            <endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/amfpolling" class="flex.messaging.endpoints.AMFEndpoint"/>
            <properties>
                <polling-enabled>true</polling-enabled>
                <polling-interval-seconds>4</polling-interval-seconds>
            </properties>
        </channel-definition>

</channels>

    <logging>
        <target class="flex.messaging.log.ConsoleTarget" level="Error">
            <properties>
                <prefix>[BlazeDS] </prefix>
                <includeDate>false</includeDate>
                <includeTime>false</includeTime>
                <includeLevel>false</includeLevel>
                <includeCategory>false</includeCategory>
            </properties>
            <filters>
                <pattern>Endpoint.*</pattern>
                <pattern>Service.*</pattern>
                <pattern>Configuration</pattern>
            </filters>
        </target>
    </logging>

    <system>
        <redeploy>
            <enabled>false</enabled>
        </redeploy>
    </system>

</services-config>

It has been quite some time that i have been unable to resolve the issue. Any help in resolving the issue is appreciated.

Thanks a bunch..!!

Please let me know if you need to know anything else regarding the issue.

remoting-config.zip

proxy-config.zip

messaging-config.zip

This topic has been closed for replies.

A

aubweb

Known Participant

Issue still not fixed on my side...

I've planned to reinstall CF9 on our production environement

A

aubweb

Known Participant

I reinstalled coldfusion 9 yesterday and problem is still there...

RPC Fault

faultString="Detected duplicate HTTP-based FlexSessions, generally due to the remote host disabling session cookies. Session cookies must be enabled to manage the client connection correctly."

faultCode="Server.Processing.DuplicateSessionDetected"

faultDetail="null"

A

Alex Glosband

Adobe Employee

Hi. Looking at the Charles log you attached awhile back, the problem looks to be due to the server creating a new HTTPSession for every request to the flex gateway. The first request to the flex gateway in the Charles log failed because the FlexClient ID in the AMF request (this is the DSId header) was already associated with another HTTP session.

If you look at the headers in the response to this first request you'll see at number of Set-Cookie headers for the JSESSIONID.

Set-Cookie	JSESSIONID=8430e043b5563663a32f7c491c681b4771e4;path=/
Set-Cookie	JSESSIONID=8430e043b5563663a32f7c491c681b4771e4;path=/
Set-Cookie	JSESSIONID=8430e043b5563663a32f7c491c681b4771e4;path=/
Set-Cookie	JSESSIONID=8430e043b5563663a32f7c491c681b4771e4;path=/

I'm not sure why there is more than one of these but what this means is that the server did not recognize the JSESSIONID on the request and created a new HTTPSession for you. That should not be happening. If the Flex client has a FlexClient ID, it means that a new FlexClient was created on the server and tied to a HTTP Session. The JSESSIONID and the FlexClient ID were returned to the client. The client now needs to pass that same FlexClient ID and the JSESSIONID to the server. In this case however the server doesn't recognize the JSESSIONID you are sending it.

If you look at the HTTP headers on the first request to the flex gateway, you can see that there are two JSESSIONID headers.

s_sess	%20s_cc%3Dtrue%3B%20s_sq%3Dswhswhstarwoodone%253D%252526pid%25253DEAME%2525253A%25252520Homepage%252526pidt%25253D1%252526oid%25253DfunctionlinkIt%25252528%25252529%2525257Bif%25252528this.linkText.indexOf%25252528%25252522javascript%2525253A%25252522%25252529%25252521%2525253D-1%25252529eval%25252528this.linkText%25252529elsemenuLoc.location%252526oidt%25253D2%252526ot%25253DSPAN%252526oi%25253D1810%3B
TLTHID	2B05517A37EB1037CBD3C3B4E4C00546
TLTSID	2748929A37EB1037CB71C3B4E4C00546
JSESSIONID	00001dWix_Mxhmz-QEOO0jcVueo:13mo7b8v1
s_vi	[CS]v1\|477B6AD8000041FC-A290B2400000EBC[CE]
s_pers	%20s_vnum%3D1270635787495%2526vn%253D23%7C1270635787495%3B%20s_lastvisit%3D1269506873843%7C1364114873843%3B%20gpv_p12%3D157%252C3760795%252C157_3760798%7C1269508694906%3B%20s_visit%3D1%7C1269508701433%3B%20s_nr%3D1269506901448%7C1272098901448%3B%20s_invisit%3Dtrue%7C1269508701464%3B%20temp_s_campaign_ES%3DSW1_ETOOLS_STARHOT%7C1272098901480%3B%20s_ev45%3D%255B%255B%2527ES%253Aundefined%2527%252C%25271252569704540%2527%255D%252C%255B%2527ES%253A09%253A16%253A2009%2527%252C%25271253107565476%2527%255D%252C%255B%2527ES%253A11%253A03%253A2009%2527%252C%25271257260612733%2527%255D%252C%255B%2527ES%253A11%253A30%253A2009%2527%252C%25271259598422585%2527%255D%252C%255B%2527ES%253A03%253A25%253A2010%2527%252C%25271269506901480%2527%255D%255D%7C1427273301480%3B
CFADMIN_LASTPAGE_ADMIN	%2FCFIDE%2Fadministrator%2Flogging%2Findex%2Ecfm
ANALYZER_DIRECTORY	C%3A%5CInetpub%5Cwwwroot%5CEAMEDASHBOARD%5CreflexCFCprod
CFID	12815
CFTOKEN	768a952af8676dab-726E30C2-1CC4-432D-D0FA7089BC4AF753
JSESSIONID	84302df05caf65289cd66e46581257450252

The server is probably just seeing the first JSESSIONID which it doesn't recognize and then creating a new HTTP session. I'd look at where this first JSESSIONID is getting set and see if you can configure things so the correct JSESSIONID is getting sent to the flex gateway.

Hope that helps.

-Alex

A

Anonymous

Ive had some similar problems, great information in this post.

A

aubweb

Known Participant

Hi,

I stopped my coldfusion service.

I replaced all my flex-messaging-*.jar that are in Coldfusion9\lib directory with the ones that are in the last version of blazeds (3.3.0.14146), binary versiom.

Restarted coldfusion ...

And the problem is still there...

N

Nicolas_H_

Participant

Hi,

Maybe the problem is not in BlazeDS and so updating it won't change anything.

The duplicate session is triggered when you have multiple requests coming from the same client with different DSID in the header of the AMF request or multiple sessions coming with the same DSID.

Hope this help,

Nicolas.

A

aubweb

Known Participant

Hi

I personally had this error this morning when I opened the app in Internet Explorer.

I ran Charles to capture what was happening…

Here’s a response header in IE : (remote objects threw fault event)

	HTTP/1.1 200 OK
Date	Thu, 25 Mar 2010 08:57:12 GMT
Server	Microsoft-IIS/6.0
X-Powered-By	ASP.NET
Set-Cookie	JSESSIONID=8430c9fca90edc183d88362d1c57527f2518;path=/
Set-Cookie	JSESSIONID=8430c9fca90edc183d88362d1c57527f2518;path=/
Set-Cookie	JSESSIONID=8430c9fca90edc183d88362d1c57527f2518;path=/
Set-Cookie	JSESSIONID=8430c9fca90edc183d88362d1c57527f2518;path=/
Set-Cookie	JSESSIONID=8430c9fca90edc183d88362d1c57527f2518;path=/
Pragma	no-cache
Expires	Sat, 25 Dec 1999 00:00:00 GMT
Cache-Control	no-cache
Content-Type	application/x-amf
Content-Length	2261

I opened the app in Chrome and for the same thing look at the header response : (remote objects threw result event)

	HTTP/1.1 200 OK
Date	Thu, 25 Mar 2010 09:03:14 GMT
Server	Microsoft-IIS/6.0
X-Powered-By	ASP.NET
Pragma	no-cache
Expires	Sat, 25 Dec 1999 00:00:00 GMT
Cache-Control	no-cache
Content-Type	application/x-amf
Content-Length	610

AMF response in IE :

AMF Message	Message
Header
Body
[0]	Body Part
Target	String	/81/onStatus
Response	String
Content	Object	flex.messaging.messages.ErrorMessage
headers	Object
rootCause	Null
body	Null
correlationId	String	4D090D88-6681-526A-29E4-9489B94325E7
faultDetail	Null
faultString	String	Detected duplicate HTTP-based FlexSessions, generally due to the remote host disabling session cookies. Session cookies must be enabled to manage the client connection correctly.
clientId	Null
timeToLive	Number	0
destination	String	ColdFusion
timestamp	Number	1269507432078
extendedData	Null
faultCode	String	Server.Processing.DuplicateSessionDetected
messageId	String	A1A53498-AE08-AB21-1CC3-B6E789A5C582

So now… how can I fix this issue ???

Why I have 4 times set-cookie?

Please advise.

Aubry

A

Alex Glosband

Adobe Employee

Hi Aubry,

What does your deployment look like? You have an IIS server that is proxying requests to your application server? Do you have a single application server at the backend or a cluster of application servers?

I don’t know of anything that would cause 5 set-cookie headers to get added to the response but I don't think that should in itself be a problem as all the cookies have the same JSESSIONID and path. One of the cookies should get stored by the browser and the browser should then pass it with every request.

Can you send the Charles log with both the requests and the responses? What does the request look like in the IE case when you get the duplicate session detected error? Does it have a JSESSIONID session cookie header? Maybe cookies are disabled in the browser and that is the problem?

Also, what version/build of BlazeDS are you using? I'd recommend that anyone having duplicate session detection problems try using the latest nightly 3.x or trunk build from the BlazeDS downloads page and see if that helps things.

-Alex

A

aubweb

Known Participant

Hi Alex,

Thanks for your prompt reply.

Charles file is there : http://www.aubweb.be/Flexsessions.chls

We have one IIS server with coldfusion 9 installed on it.

And one other server with all the databases.

I am using the balzeDS version shipped with CF9.

I'll try to install the latest nightly trunk build of Blaze DS.

I just need to replace some files on my locale machine where I compile ?

and some jars on the server that's right ? (quite noob question but I don't want to mess something).

Thank you.

A

aubweb

Known Participant

Hi,

Same problem here with Flex and Coldfusion 9.

It's very anoying, I looked for a sollution with no luck

Aubry

A

Alex Glosband

Adobe Employee

Hi.

The client needs to be able to maintain session with the server for BlazeDS to work properly. When a BlazeDS application connects to the server over an endpoint, a FlexClient is created on the server and associated with the JEE session. The id of the FlexClient is returned to the Flex application as the DSID header on the response message and then the Flex application will pass this DSID header with every request.

There are some situations where a single application could have more than one FlexClient. For example, if your application uses two different endpoints to communicate with the server at the same time there would be a different FlexClient for each endpoint. Also, if you loaded two BlazeDS applications into a parent application as sub-apps, each BlazeDS sub-app would have its own FlexClient.

The duplicate session detected errors come from the FlexClient id on the request already being associated with a different JEE session on the server. A FlexClient can only be associated with a single session. BlazeDS checks that the FlexClient id on the request and the JEE session for the request (this will be represented by either a JSESSIONID session cookie header or jsessionid url parameter) are what it expects. If the FlexClient id is already associated with another session we throw an error.

In most cases these errors stem from two initial ping requests getting made to the server at roughly the same time. This could be the application connecting up to the server over two endpoints or two sub-apps in a parent application connecting to the server at the same time. If the client doesn't have a session with the server when these requests go out, a JEE session will be created for each request. Also a FlexClient will get created for each request and associated with its respective JEE session. The problem happens when the responses get sent back to the client. Each response will have a different session cookie header. The last response will win and its session cookie header will get stored by the browser. Now, when additional requests get made to the server, the JEE session will only be correct for one of the endpoints or sub apps. The other one will cause duplicate session detected errors.

The solution for this in most cases is to make sure that you already have a session with the server before connecting up over two endpoints at the same time. There are a number of ways you can implement this in your application which I won't go into in detail here.

It sounds like people are getting these errors for a number of reasons. Hopefully understanding how the duplicate session detection works will help you debug your issues.

For anyone who is interested, I have also blogged about this topic in detail here.

http://www.alexglosband.com/?p=3

A

aubweb

Known Participant

Hi,

Thanks Alex !

"The solution for this in most cases is to make sure that you already have a session with the server before connecting up over two endpoints at the same time. There are a number of ways you can implement this in your application which I won't go into in detail here."

I am using Coldfusion 9 and in my application.cfm i've put :

"<cfapplication name="App name"

SESSIONMANAGEMENT="Yes"

SESSIONTIMEOUT="#CreateTimeSpan(0, 0, 30, 0)#">

This doesn't fx my issue.

I have only one CFM page (with html inside) that holds my application swf (Flex app) and of course many cfc's (in a separate folder, but same server)

Like this :

--My server

--------My app

-----------------application.cfm

-----------------index.cfm

-----------------myapp.swf

--------CFC folder

-----------------application.cfm

-----------------folder 1

---------------------------mycfc1.cfc

---------------------------mycfc2.cfc

-----------------folder 2

--------------------------- ...

-----------------folder 3

--------------------------- ...

I don't know what to do ... sometimes I recieve this error more than 100 times a day...

Regards,

Aubry

A

Anonymous

We have the same issue... using Tomcat proxied by Apache.

Any ideas?

G

gauravnasitAuthor

Participant

No resolution yet for the mentioned problem..:(

G

gauravnasitAuthor

Participant

Also,

For the above case I am using session beans which have the methods that are being exposed as remote services.

The one file that was remaining to be attached, namely, the services-config.xml is been attached here.

Participant

Have you ever found the problem that was causing this? We're running into the same problems and have a pretty similar set up.

T

TomEuchre

Participant

This problem only appears for us too under Websphere 6.2. Under Tomcat there is no issue. There must be more people using BlazeDS on websphere, right? Anyone got an idea?

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded