We have a really bad issue with our rails app. Sometimes a logged in
user who has been browsing around for a bit will be logged in as
someone else. This only happens sometimes which is making this a
really difficult issue to track down.
The current set up is with apache which also acts as a load balancer
and 4 mongrels. We use memcached to store the session.
It seems like the session id or cookie is being cached and then handed
to mongrel. Mongrel then hands back info for some other user. Or maybe
it is some memcached issue with mongrel not handling concurrently
correctly. Really baffled as to why this is happening.
Any help will be appreciated. TIA