In a WebLogic cluster, the HttpSession.getId() call returns a string that not only includes the session ID but also what WebLogic refers to as JVMIDs. These values indicate which nodes in the cluster are the active and which one is preferred. For example, getId() might return a value that looks like this:
The entire string is made up of the actual session id PLUS a couple of unique identifiers (delimited by '!') for cluster nodes (the final value is something else). The JVMIDs are used by the WebLogic plugin (at least) for routing requests. If you shut a cluster node down, the getId() call will return something like this - the node that is down is now indicated as 'NONE':
Starting the node back up shows that a new JVMID is used to indicate the recently restarted node:
This may lead to objects being cached according to the sessionId to become stranded and thus a memory leak.