boolean
Posts: 62
|
Posted: 12/11/2015, 5:56 AM |
|
Hi there,
I have been developing our website and host it in 1 server. Now, when site traffic is up and I have 3 more servers, I put our site in a load balance and try to improve speed.
I set the session stickiness so that the users stayed in the same server after they login.
I would like to change the way CCS stores the user login from sessions to cookies so that the user can hit different server which currently has the lease traffic.
Can I do that?
I look up CCS documentation and hope there is a setting somewhere, such as Security Setting, but I did not find anywhere.
If you know how, please point out.
Thank you.
|
|
|
Waspman
Posts: 948
|
Posted: 12/11/2015, 7:20 AM |
|
Shouldn't the server allocation happen before they log in?
_________________
http://www.waspmedia.co.uk |
|
|
Waspman
Posts: 948
|
Posted: 12/11/2015, 7:24 AM |
|
Had a quick google and found this...
Ideally the cluster of servers behind the load balancer should be session-aware, so that if a client connects to any backend server at any time the user experience is unaffected. This is usually achieved with a shared database or an in-memory session database
_________________
http://www.waspmedia.co.uk |
|
|
robertmann
Posts: 109
|
Posted: 12/11/2015, 3:39 PM |
|
Some users may disable cookies in their web browser, but not session cookies (used with sessions).
If they disable both then they may not be able to use too may sites, but disabling standard cookies may still happen.
Also, some hackers can steal cookies of other users... http://security.stackexchange.com/questions/18476/why-u...disable-cookies
When using sessions, you can store them on the server in files or database, although not sure if you'd need to modify the common CCS functions for this.
_________________
Robert |
|
|
boolean
Posts: 62
|
Posted: 12/15/2015, 12:55 PM |
|
Thank you so much for your input, Waspman and robertmann.
With my limited knowledge about load balancer, I just know after setting up the LB and trying different options in the admin panel, the LB did not spread out the number of users evenly. Also, once the user log in, they stick with one server and cannot get out of it because of the sticky session. Without sticky session, the user kept logging in and out because it does not know which server he/she did log in.
For security point of view, we have the system in an internal network, so I am OK with it.
Our goal is to allow users to get the data as fast as possible and we don't want 100 sessions in 1 server and 0 on others. That's why I think using cookie is a way to go.
I want to let you know that I got it figure out by modifying the function CCGetSession and CCSetSession. A tricky thing is that session can have values in array, and cookie cannot.
Again, thank you very much.
|
|
|
|