On our production environment, one of our users (I have remotely
connected
to their system) is losing Session information as soon as they try to do
anything past their login. Even stranger (I can tell via the title of
the
page) that the session information is getting mixed up. The title of
the
page should be the user’s name and after clicking on a page that
requires
session / cookie information, the title of the page changes to another
user’s name. So something isn’t right…
Our development environment (unfortunately) at this time uses Apache
(we’ll
be upgrading it to Nginx shortly). This issue does not exist in our
development environment.
The problem computer is behind a proxy and the proxy on that server is
configured as a “text” proxy (i.e. not ip address… rather proxy name).
So
I’m not sure if that would be an issue?
Is it possible that sessions are getting mixed up between users behind a
proxy who’s name is the same?
Thanks, this is definitely a very odd situation. Essentially within a
few
seconds of being logged in, it kicks her out and actually shows
information
about a different session.
I don’t even know where to look for this one. There are no nginx error
logs
corresponding to this and the access logs simply show a trail of clicks.
Regarding the switching of the username via session, turns out that the
page
was being partially cached by the CMS. So as one user was calling it
with
their name, the internal cache would get overwritten. We have now
disabled
this functionality.