Load Balancing With Yii Sessions

I am trying to configure a load-balanced environment using Yii 1.1.14 applications, but I seem to be having the problem where Yii does not keep a user logged in when the load balancer uses another node. Most of the time, when logging in, it will ask the user to login twice because it only logs in on one node, and then loads the page on another. Otherwise, it will ask the user to login again half-way through browsing.

The application is using DB sessions and I can see that the expire time is being updated in the database. Even in the case when it asks them to login again straight after they have already logged in, the session expire time is updated in the database. Does Yii do anything server dependent with the sessions?

I’ve searched around for hours but unable to find much on this topic, and wondering if anyone else has come across such problem.

On the server-side, I am using Nginx with PHP-FPM and Amazon’s ELB as the load balancer. The work around (as a last resort) is to use sticky sessions on the load balancer, but then this does not work the best if a node was to go offline and force the user to use an alternative node.

Please let me know if I need to clarify anything better.

The issue was that the base path which was used to generate the application ID, prefixed to the authentication information in the session, did not match on each server. Amazon OpsWorks was deploying the code to the servers using the same symlinked path, but the real path returned by PHP differed due to versioning and symlinking.

For example, the symlink path on both servers was ‘/app/current’. However, the actual path on one server was ‘/app/releases/2014010700’ and the other was ‘/app/releases/2014010701’, which was generating a different hash.

Changing the base path to use the symlink path fixed the problem, whereas before it was using dirname() which was returning the real path of the symlinked contents.

Thank you to the following article: http://www.yiiframework.com/forum/index.php/topic/19574-multi-server-authentication-failure-with-db-sessions