I don't know if this is by design or if there is a problem somewhere but with Single Sign-On enabled and having a shared sessions table, the table fills up with row upon row of sessions. These IP addresses of these sessions are often duplicated and often overlap with timestamps.

This does not relate to authenticated users though. Only the guest sessions are duplicated many times. The guest sessions themselves aren't the problem. It's the multiple sessions from the same IP address, often with overlapping timestamps. In my opinion there should generally only be one session per IP for guest users.

Comments

danielc’s picture

Status: Active » Closed (works as designed)

The sessions are maintained through cookies. The cookies are tied to a browser to preserve state for that particular instance. They can't be tied to an IP address.

denney’s picture

Ofcourse, I knew that. What I should have said is how come there are so many of these sessions from each IP address? Most of the IP addresses trace back to either Googlebot or Yahoo! Slurp. Shouldn't they only use 1 cookie....

Anyway, back on topic. The real problem is that the sessions aren't removed from the session table when the session times out. They are removed if you log out manually.