Salem's Euphoria

Sharing Experience

Leave a comment

Detected duplicate HTTP-based FlexSessions… so what?

Apache Flex

This annoying particular problem is quite easy to solve in most cases. What makes it complicated sometimes, is either the misleading message tail:

generally due to the remote host disabling session cookies. Session cookies must be enabled to manage the client connection correctly.

which will guide you to a wrong road generally, either the initial concurrent calls to BlazeDs Server associating two different flex ID with the same JEE session.

  • Identifying the root cause

    • Install flash player debugger version on your Firefox
    • Enable BlazeDs debug traces

<target class="flex.messaging.log.ConsoleTarget" level="DEBUG">

    • Enable log4j debug traces
    • Identify Flex remote object calls


  • Must-know before troubleshooting

  1. Flex Session is different from JEE session (JSEESSIONID)
  2. You don’t have to disable duplicate session check in BlazeDs, that’s why I won’t tell you how to do it.
  3. Each Endpoint is associated with a distinct flex client; So if you are using two endpoints for example you have two flex client at the same time created on first method call.
  • Flex Session mechanism

  1. On the first call for JEE server, the Flex application has a null Session ID.
  2. When BlazeDs receives a call from a session with a null ID, it generates a new Flex session ID and binds it with the current Java server session.
  3. The SWF holds this id for the relative Endpoint and assign it on every call to that endpoint.
  • The problem

Somehow, BlazeDS received two calls from the SWF with null ID, “at the same time”, so he creates and ID for the first call and another one for the second call. Those IDs are binded to the active Java session.

On the next remote object call, BlaseDS will check the Flex session associated with this Java session and will detect that two different flex session IDs are associated with the same Java session… and throw the famous “Detectd duplicate HTTP-based FlexSessions”, but that’s not due to host disabling session cookies.

  • How to solve the issue

  1. Load you application inside a JSP: Instead of calling your HTML main project page, let’s say it FlexProject.html, load your page inside a JSP page FlexProject.jsp

<%@ include file="FlexProject.html" %>

If that won’t help, you may consider Lin’s blog from adobe team. There’s also an in depth explanation of the issue in Alex Glosband blog.