New Http Session is being created on new request

Latest response

I'm going to upgrade the JBOSS EAP to 7.2.8 to 7.3.6. I'm facing the issue where New Http Session is being created on every request.
I have one ear file containing the multiple war files.
I have one filter which has job to set the attribute user object to session attribute. But other request with same user comes to this filter I could not find this user object in session.

webx.xml for each war file  - 
<distributable/>
<session-config>
    <session-timeout>900</session-timeout>
    <cookie-config><name>CUSTJSESSIONID</name><http-only>true</http-only><secure>true</secure>
    </cookie-config>
    <tracking-mode>COOKIE</tracking-mode>
    </session-config>
Jboss-all.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss xmlns="urn:jboss:1.0">

<shared-session-config xmlns="urn:jboss:shared-session-config:2.0">
<distributable/>
        <max-active-sessions>50</max-active-sessions>
        <session-config>
            <session-timeout>900</session-timeout>
            <cookie-config>
                 <name>LRPTLJSESSIONID</name>
                <!-- <domain>fscm</domain> -->
                <!-- <path>/cookiePath</path> -->
                <!-- <path>/</path> -->
                <!-- <comment>cookie comment</comment> -->
                <http-only>true</http-only>
                 <secure>true</secure>
                <!-- <max-age>-1</max-age> -->
            </cookie-config>
            <tracking-mode>COOKIE</tracking-mode>
        </session-config>

    </shared-session-config>
<distributable-web xmlns="urn:jboss:distributable-web:2.0">
<infinispan-session-management cache-container="web" granularity="SESSION">
<primary-owner-affinity/>
</infinispan-session-management>
</distributable-web>
</jboss>

jboss-web.xml
<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_10_0.xsd">
<max-active-sessions>50</max-active-sessions>
     <replication-config>
        <replication-granularity>SESSION</replication-granularity>
    </replication-config>
</jboss-web>
standalone-full-ha.xml

 <subsystem xmlns="urn:jboss:domain:distributable-web:2.0" default-session-management="default" default-single-sign-on-management="default">
            <infinispan-session-management name="default" cache-container="web" granularity="SESSION">
                <primary-owner-affinity/>
            </infinispan-session-management>
            <infinispan-single-sign-on-management name="default" cache-container="web" cache="sso"/>
            <infinispan-routing cache-container="web" cache="routing"/>
        </subsystem>

<subsystem xmlns="urn:jboss:domain:infinispan:9.0">
            <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan">
                <transport lock-timeout="60000"/>
                <replicated-cache name="sso">
                    <locking isolation="REPEATABLE_READ"/>
                    <transaction mode="BATCH"/>
                </replicated-cache>
                <replicated-cache name="routing"/>
                <distributed-cache name="dist">
                    <locking isolation="REPEATABLE_READ"/>
                    <transaction mode="BATCH"/>
                    <file-store/>
                </distributed-cache>
            </cache-container>

 <subsystem xmlns="urn:jboss:domain:undertow:10.0" instance-id="${dap.peer.id}" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
            <buffer-cache name="default"/>
            <server name="default-server">

                <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true" max-parameters="10000"/>

                <host name="default-host" alias="localhost">
                    <filter-ref name="requestDumperExpression"/>
                    <http-invoker security-realm="ApplicationRealm"/>
                    <access-log pattern="%a %l %t %p %H %m %U %s %T" rotate="false" prefix="access."/>
        </host>
                <https-listener name="defaults" socket-binding="https" security-realm="HTTPSRealm" max-parameters="10000"/>
        </server>
            <servlet-container name="default">
                <jsp-config/>
                <websockets/>
            </servlet-container>
            <handlers>
                <!--<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>-->
            </handlers>
            <filters>
                <expression-filter name="requestDumperExpression" expression="dump-request"/>
            </filters>
        </


After this configuration I'm getting the following exception

2021-06-03 06:55:02,891 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /p/Home.action: java.lang.IllegalStateException: WFLYCLWEBUT0001: Session L_VVN-ICgdEXinPGCXCn4nNxsnn_-6CXADRWQSQE is invalid
at org.wildfly.clustering.web.undertow.session.DistributableSession.validate(DistributableSession.java:293)
at org.wildfly.clustering.web.undertow.session.DistributableSession.validate(DistributableSession.java:285)
at org.wildfly.clustering.web.undertow.session.DistributableSession.getAttribute(DistributableSession.java:161)
at io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122)
at com.db.portal.toolkit.plugin.websso.WebSSOSupportFilter.getUserIdFromSession(WebSSOSupportFilter.java:340)
at com.db.portal.toolkit.plugin.websso.WebSSOSupportFilter.doFilter(WebSSOSupportFilter.java:199)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at com.db.portal.toolkit.plugin.websso.WebSSODevFilter.doFilter(WebSSODevFilter.java:66)

What i did to overcome this exception than I removed the 
<shared-session-config xmlns="urn:jboss:shared-session-config:2.0"> tag from jboss-all.xml 

Still creating new httpsession for each request. Can anyone help me ? Is this session sharing issue between different wars in one ear?

Responses

anyone please suggest