Have you checked with your mid tier configuration ?
We have checked the Mid-Tier configuration too. Session Timeout (in minutes) is set to 20 minutes.
Are you telling to check any other parameters at Mid-Tier Configuration ?
Take a look at these BMC KB..
Mid-Tier: ARERR 9201, session timeout problems
You may also check
I guess It is answered here, Please check my posts:
In earlier versions (>7.6.04), BMC recommends to set “sticky bit” for load-balancer but in later versions (i.e in 7.6.04, 8.x and 9.x) this particular parameter is not required and hence should be replaced by “Enable Lifespan” parameter of the midtier.
[‘Enable Lifespan’ settings checkbox should be selected in Midtier configuration->connection settings.].
If all these configurations are in place and still you are facing this issue then I would suggest you to analyse the load balancer logs and settings. [there is something called 'persistence cookie_default' parameter need to be set at LB level. Please check with your LB team]
Please open ticket with BMC support as well.
The said configurations you said are for the Load Balancer between Mid-Tier servers and AR Servers. They are in place already. We had created ticket with BMC support too , but that could not help us with any recommendations.
Can you also check with Network team for any latency issues.
Please check the LoadBalancer settings.
Below are the few details on the Web Servers facing Load-Balancer.
Load-Balancer Make : F5
Persistence Type: Cookie Based
Default Persistence Profile: Cookie
Fallback Persistence Profile: None
Cookie Expiration Value: Not Set
Do we need to set the Cookie Expiration Value at Load-Balancer to greater than the Session Time Out Value Set at Mid-Tier Config Page (i.e 20 mins ) ?
I am not expert to comment on that particular setting but yes, You can give a try.
In fact, you can set it to :
expiration time of the cookie : Never Expire
Also check if there is any timeout parameter defined for cookie persistence entry.
Cookie Expiration (Timeout parameter / Session Stickiness) is currently having no value. What Load Balancer team says is , "setting up session stickiness for 30 minutes may cause users session not closed for 30 minutes and chances of unequally load distribution in case of any web server down." So they are asking if any recommendations that BMC support suggests. Unfortunately we are not able to get the same from BMC Support team.
I have seen this in our configuration.
Mid-Tier/ARServer 9.1 with Mid-Tier LB (sticky source IP) and non-sticky AR Server LB. We are planning on upgrading to SP2 + Patch to observe any positive changes. LBs are F5.
We are also shortly planning to update the Mid-Tier LB to use cookie persistence, instead of source IP persistence. It will have no expiry; it will be a browser session cookie, which means the cookie will only expire when the user closes the browser.
I have LB, Tomcat and Mid-Tier session timeout set to the SAME value (i.e. 30 minutes). I am seeing this session invalid timeout periodically. It's a pop-up from Mid-Tier. I can't recall if it just pops up or only when you click on something or try to open a form, for instance. If the session had timed out, I'd expect to be kicked back to the login page after clicking on something. My hunch is the mid-tier session timeout setting is the culprit and not the tomcat session timeout setting or the LB timeout setting. The LB will soon be cookie and no expiry, which should take it out of the equation here.
I have commented to BMC that the 8.1 and 9.1 documentation both do NOT specify that you should also update the Tomcat session timeout, when you make changes to the Mid-Tier session timeout settings. That's a HUGE step and I figured it out the hard way, when user sessions would expire and they'd be kicked back to the login page. Once I made the appropriate changes to Tomcat session timeout, those problems cleared up. But I am still seeing this infrequent and seemingly intermittent session invalid timeout errors.
Now, what I'd like to know from those who can answer this one is should the Tomcat session timeout be set to something GREATER THAN the Mid-Tier timeout setting? Would that solve this problem? Or, is it OK to have both set to the same exact value? There is no documentation on this from BMC (there should be, however). I think maybe if I set the Tomcat session timeout to a higher value, it might resolve this issue. It doesn't make a whole lotta sense to me. Don't see why this problem should be happening with Tomcat and Mid-Tier timeout values set to the same exact values.