Introduction When load balancer sticky sessions are misconfigured, authenticated users get routed to different backend servers, losing their session state and being logged out unexpectedly.

Symptoms - Users randomly logged out during active sessions - Shopping cart items disappearing between requests - WebSocket connections dropping on page navigation - Some requests work while others require re-authentication - Issue correlates with specific backend server deployments

Common Causes - Session affinity not configured or using wrong method - Session stored locally on backend instead of shared store - Cookie-based affinity cookie expiring too quickly - IP hash affinity failing with NAT/proxy users - Backend server restart clearing local sessions

Step-by-Step Fix 1. **Check current load balancer affinity configuration': ```bash # AWS ALB aws elbv2 describe-target-group-attributes --target-group-arn <arn> \ --query "Attributes[?Key=='stickiness.enabled']" # HAProxy grep -E "cookie|balance" /etc/haproxy/haproxy.cfg ```

  1. 1.**Enable sticky sessions with proper configuration':
  2. 2.```yaml
  3. 3.# AWS ALB
  4. 4.aws elbv2 modify-target-group-attributes \
  5. 5.--target-group-arn <arn> \
  6. 6.--attributes Key=stickiness.enabled,Value=true \
  7. 7.Key=stickiness.type,Value=lb_cookie \
  8. 8.Key=stickiness.lb_cookie.duration_seconds,Value=86400
  9. 9.`
  10. 10.**Better: Move to shared session store':
  11. 11.Use Redis or Memcached for session storage instead of sticky sessions.

Prevention - Use shared session stores (Redis) instead of sticky sessions - Implement stateless authentication (JWT) - Monitor session affinity hit rate - Test authentication flow across multiple backend servers - Use health checks that verify session functionality