Session ID changes, causing loss of session


#1

I’m having a problem with sessions. I’m using Rails 2.0.2, and
Firefox.

The problem is that the session_id sometimes changes while users are
using the application. This makes it appear to users that they have
been ‘logged out’. Actually, of course, Rails just thinks it is
dealing with a new user.

Below is an extreme example: I am viewing the login page of the
application and just clicking the browser refresh button. You can see
that I have a different Session ID on each refresh, even though the
page and address are exactly the same.

Cookies are enabled in my browser and I can see the cookie stored on
my machine (using the Firefox developer’s tool bar.)

If I enter my username/password, I am NOT logged in, because the
session ID keeps changing.

Here is the strange part: if I delete the cookies in my browser, the
problem goes away: the session id stops changing and I can log in with
no problem.

Once I clean up my cookies, the application works fine for an certain
period of time. It could be a few seconds or all day. But eventually
the session_id cookie gets ‘corrupted’ again, and I get logged out. I
then need to delete the cookie to continue.

This is MOST annoying to my users. I need to solve this problem ASAP.
Any thoughts, much appreciated.

– John

Processing UserController#signin (for 75.127.142.66 at 2009-01-23
11:25:37) [GET]
Session ID: bd27434ec1e39e52ebe2a2c7ae6a7adc
Parameters: {“action”=>“signin”, “controller”=>“admin/user”}

Request for client 48218343, freak
Rendering template within layouts/admin/standard
Rendering admin/user/signin
Completed in 0.01602 (62 reqs/sec) | Rendering: 0.00859 (53%) | DB:
0.00000 (0%) | 200 OK [https://www.freakystamps.com/admin/user/signin]

init fckeditor

Processing UserController#signin (for 75.127.142.66 at 2009-01-23
11:25:40) [GET]
Session ID: e317a7548c97f38f2fb68fd4e0004add
Parameters: {“action”=>“signin”, “controller”=>“admin/user”}

Request for client 48218343, freak
Rendering template within layouts/admin/standard
Rendering admin/user/signin
Completed in 0.02941 (34 reqs/sec) | Rendering: 0.01595 (54%) | DB:
0.00000 (0%) | 200 OK [https://www.freakystamps.com/admin/user/signin]

init fckeditor

Processing UserController#signin (for 75.127.142.66 at 2009-01-23
11:25:44) [GET]
Session ID: 04a5ae700f1a0e47748df3bbec4add21
Parameters: {“action”=>“signin”, “controller”=>“admin/user”}

Request for client 48218343, freak
Rendering template within layouts/admin/standard
Rendering admin/user/signin
Completed in 0.03012 (33 reqs/sec) | Rendering: 0.01610 (53%) | DB:
0.00000 (0%) | 200 OK [https://www.freakystamps.com/admin/user/signin]