Issues after upgrading from 5.2.5.20 to 5.2.8.50

We upgraded our Lucee instance today and we started getting a flood of errors. Most of the errors were related to Application and Session scope variables not existing. After the upgrade we restarted the Lucee instance by invoking “sudo service lucee_ctl restart” and it did not seem to correct the errors we were having. We tried down grading and then upgrading again but we still had the same problem.

I seen there was a fix made for applications making use of the this.sessionCluster=true https://luceeserver.atlassian.net/browse/LDEV-1207. We have three nodes in AWS behind ELB and we typically upgrade one node at a time and put it back in the load balancer to see if any errors occur. This has always worked great for us because we can pull it out right away if there are issues. Is it possible that the changes in LDEV-1207 would affect the session scope structure in any way that would change the way Lucee looks for variables in the session scope and by having two nodes on 5.2.5.20 and one node on 5.2.8.50 it is corrupting the session?

This would not explain the application variable error we see though so I am not sure what else to look for.

image

I noticed in cf_session_data there are handful of sessions that are unencrypted and start with “struct:” while all the other sessions show as an encrypted string.

It is because of the different versions. When doing the upgrade they must all be on the same version because session end up breaking. Hopefully if someone else runs into the same problem they will see this post.

We came across this here: Cf_session_data stored in datasource is now encrypted/encoded?.