[Zope-dev] Zope 2.X Session problems

[Michael Dunstan]

On 7/05/2004, at 5:15 AM, Kris Erickson wrote:

> No, that's not the problem;
> in THEORY that's what is happening, but in reality there is no way 
> that this is the case;
> We just unrolled a registration system with participation rates at or 
> around 100 to 200 participants per month;
> At any given time, monitoring the session data container, there are 
> *at most* 1 or 2 items in the transient object container--EXCEPT when 
> it spikes...

I have seen such spikes occur (in a corner case) where some breads of 
web robots were aggressively hitting a page that used sessions. These 
robots did not bother to return the cookie handed out by the server. 
Each page hit effectively constructs a new session.

Have a look through your access logs to see if can see signs of 
something similar happening.

Not all web robots are created equal. I ended up sniffing for the user 
agent and returning a page that does not use sessions for the offending 
robots. (From memory, robots.txt was not useful for this bread.) 
Alternatively you can set the maximum-number-of-session-objects to 
something a lot higher and see if you can just live through the bot 
invasion.

Michael.