Currently I am running 6 tomcat instances, each one in a ec2 instance on aws, using the elasticache service, with the following session manager configuration :
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
memcachedNodes="xxxxxxx"
sticky="false"
sessionBackupAsync="true"
backupThreadCount="3"
lockingMode="auto"
memcachedProtocol="binary"
sessionBackupTimeout="10000"
operationTimeout="10000"
/>
A few days I had a problem that never happened before, a user accessing other user account, after the login process in the application. I think that may happened because of a jsessionid creation synchronization/collision problem, I know that a jsessionid can't be recreated inside the same tomcat, but different tomcat instances can create, eventually, the same jsessionid. Any help will be appreciated.