Heroku session unexpectedly dropped/created

Question

I am running an application on Heroku. We have a staging site and a production site. We are attempting to move to a standard 0 tier database. I have successfully created the new database on the staging site, copied over the data from the free tier database, promoted the new standard tier 0 database, and all runs correctly.

I then created the new standard 0 tier database on production. I successfully copied the data from the free tier database, promoted the standard 0 tier database and the application comes up and users are able to get entries into the database. However, when I try to log in to the admin side of the application, I get a successful log in and land on the admin page, but then when I try to navigate to another page, a new session gets created and I get dumped back to the login page. In various tests this does not occur consistently: sometimes the login fails, sometimes the navigation to another page fails, sometimes the navigation to another page fails, but then a subsequent action (navigation or a search) dumps me back to the login page.

I looked in the logs and see that indeed a new session gets created, although the log entry shows that I already have a JSESSIONID. I also noted in the logs that the session is created quite differently when running against the free tier database (which works fine) than when running against the standard 0 tier database (which has this session dropping problem).

To verify that the problem is repeatable I have turned maintenance on, done a pg:copy of the data in the standard 0 tier database, done a promote of the free tier database, and turned maintenance off. All again works fine on login. I then reversed that process (maintenance on, copy free to standard, promote standard, maintenance off) and the problem recurs.

So, I think I have eliminated this being a code issue (same code should be used in both cases), I think I have eliminated this being a data issue (the same data copied to both databases), and am left with thinking this is some sort of environmental setting. Heroku assures me that the only changes to environment variables have to do with database URLs being set to point to the correct places.

Anyone ever seen this before? Are there other things I should look at or think about? I have security set to "debug" so I see lots of stuff in the logs but the creation of the new (and unwanted) session seems to be spontaneous.

The application is Java based using Spring Framework. The database(s) are Postgres.

Any help would be appreciated.

Answer 1

Heroku support suggested enabling Session affinity. That seems to have worked.