症状

The user randomly not able to login and just stay in the same page after clicking on the login button or suddenly logout without any error message. 

atlassian-jira.log when the user try to login に次のメッセージが表示される。

WARNING: A servlet POST request, to the URI http://atlassian.test.com/rest/gadget/1.0/login, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.
Oct 30, 2012 5:55:36 PM com.sun.jersey.spi.container.servlet.WebComponent filterFormParameters
WARNING: A servlet POST request, to the URI http://atlassian.test.com/rest/gadget/1.0/login, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.

原因

There are probably two network cards installed on the same server bind to different IP address. As a default setting, Tomcat start at the "*.*.*.*" which mean that it is listening to all IP address. But the token generated for each login user is base on the IP addresses on both client and server,  the token will become invalide when the server is switching the network card. As consequence the user will not be able to login or session expired. 

回避策

We can use the Tomcat parameter:

address :
For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified port. By default, this port will be used on all IP addresses associated with the server. 

like adding address="127.0.0.1" in the server.xml file, so that Tomcat will startup and bind with only one address to avoid such kind of issue from happening.