开发者

PHP Replicated Database Sessions Failover

I have 2 servers available for failover. The database is replicated (MySQL) as a Master-Master, such that, each server runs a copy of the full-stack. I see the session table get updated when I'm on one server, an开发者_高级运维d after inspecting the requests, I see the same PHPSESSID being sent. But, when I change URLs or failover to the secondary machine, my session is killed and I have to re-login.

Same PHPSESSID value is sent on the secondary, but the session is not recognized. Is Apache/PHP linking the session to that particular box? If so, how can I get them to recognize the session that is already in the database?


Note: Moved from 'EDIT' to an answer to mark as answered

Actually found the solution. The 'problem' is the Suhosin patch for securing the PHP installation. Suhosin supports configurable options for encrypting the session data based on a crypt key, as well as the DocRoot of the application, since the failover server had a different DocRoot, there was no chance of the encrypted data being read.

I edited suhosin.ini to add a shared crypt key, and turned off the DocRoot encryption option, and the sessions are shared as expected.

Solution via: http://rommelsantor.com/clog/2011/02/06/php-shared-session-encoding-solution/


If you're using $_SESSION then that is tied down to that server. You should use a cookie to track session ids and then match it back up with a session in the DB.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜