Overview: After using parallel deployment to deploy a new version of a web application, sessions information for requests to older versions of the web application is no longer present in the request. i.e. HttpServletRequest.getRequestedSessionId() and HttpServletRequest.getSession(false) both return null for requests to the old version of the web application. Steps to Reproduce: - Deploy version 1 of webapp, trigger a request that creates a session. - Deploy version 2 of webapp - Now any request that refers to the existing session will no longer contain any session information. Additional Information: This bug is not present in tomcat version 8.0.28 and earlier. Perhaps this problem might be related to changes in commit 'Handle the unlikely case where different versions of a web application are deployed with different session settings' where code is added to recycle session info?
Thanks for the report and analysis. I've fixed this in trunk (for 9.0.0.M2 onwards) and the tests pass locally but I want to wait a day or so to give folks a chance to review this and to confirm that the CI servers are happy.
Fixed in 8.0.x for 8.0.31 onwards.