Expand my Community achievements bar.

SOLVED

Sticky Session issue on Safari and iOS

Avatar

Level 2
Level 2
6/18/15 5:58:31 AM

Hi,

In our project we use HttpSession to store data that is used throughout the site. We have a setup which has 2 publish intsances and the dispatcher is configured to have sticky session. Everything works fine on most of the browsers except Safari and iOS devices. We observed that JSESSIONID is changing on each and every request. We suspect this could be the reason why iOS is unable to support sticky. Because of this we are losing session data as the request is served by another publish instance. Please suggest how to resolve this issue.

Views

1.4K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 7
Level 7
2/1/25 9:48:49 PM

To resolve the sticky session issue on Safari and iOS:

1. Set SameSite=None for JSESSIONID Cookie: Ensure the session cookie (JSESSIONID) has the SameSite=None attribute and is marked as Secure for HTTPS. This prevents Safari's cookie handling from interfering with sticky sessions.
- This can be configured in the servlet container (e.g., Tomcat).

2.Ensure Correct Cookie Domain and Path: Verify the cookie’s domain and path are set correctly, especially if you have multiple subdomains (e.g., www.example.com and app.example.com), as Safari may block cookies between subdomains.

3. Enable Session Replication: If you're using multiple publish instances, ensure session replication is configured to maintain session state across instances. You can use JVM-based session replication or external session management like distributed caching.

4. Test Safari and iOS Privacy Settings: Safari's Intelligent Tracking Prevention (ITP) can block cookies. Make sure it's not blocking third-party cookies and test the behavior with different privacy settings.

View solution in original post

Views

54

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Level 7
Level 7
2/1/25 9:48:49 PM

To resolve the sticky session issue on Safari and iOS:

1. Set SameSite=None for JSESSIONID Cookie: Ensure the session cookie (JSESSIONID) has the SameSite=None attribute and is marked as Secure for HTTPS. This prevents Safari's cookie handling from interfering with sticky sessions.
- This can be configured in the servlet container (e.g., Tomcat).

2.Ensure Correct Cookie Domain and Path: Verify the cookie’s domain and path are set correctly, especially if you have multiple subdomains (e.g., www.example.com and app.example.com), as Safari may block cookies between subdomains.

3. Enable Session Replication: If you're using multiple publish instances, ensure session replication is configured to maintain session state across instances. You can use JVM-based session replication or external session management like distributed caching.

4. Test Safari and iOS Privacy Settings: Safari's Intelligent Tracking Prevention (ITP) can block cookies. Make sure it's not blocking third-party cookies and test the behavior with different privacy settings.

Views

55

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
AEM application impact on Inplace OS upgrade

Views

48

Likes

0

Replies

2
Contexthub Configuration issue

Views

38

Likes

0

Replies

1
creating existing component and slingmodel with different name

Views

108

Likes

0

Replies

4
How to call replicate on API created page

Views

105

Likes

0

Replies

2
Issue with Content fragment deletion

Views

99

Likes

0

Replies

2