When Drupal is using http and https, and session limit is in drop mode, when the max session limit is hit, Session Limit drops the wrong number of sessions. This is because with https, a logged in user holds two browser sessions for Drupal's single session. Drupal stores this as two rows in the sessions table which Session Limit currently considers each row a single Drupal session, which is true in http only mode.
The patch attached simply rewrites the database queries to made by session limit to the session table to ensure it considers a http and https row in the sessions table, for the same session, as a single session.
Comments
Comment #1
deekayen CreditAttribution: deekayen commentedLooks like your patch is mixed with some scmp jmeter stuff.
Comment #2
johnennew CreditAttribution: johnennew commentedCleaned up patch attached.
Comment #3
johnennew CreditAttribution: johnennew commentedTests pass, adding to 7.x-2.x. Setting to 6.x-2.x for the backport.
Comment #4
johnennew CreditAttribution: johnennew commentedD6 6.x-2.x patch attached.
Comment #5
johnennew CreditAttribution: johnennew commentedTests passed, committing to 6.x-2.x