972 WebSphere Application Server V8.5 Administration and Configuration Guide for the Full Profile
Cookie maximum age
Specifies the amount of time that the cookie lives in the client browser. This option
includes the following choices:
– Expire at the end of the
Current browser session which is the default option.
– Expire by configuring
Set maximum age
If you choose the maximum age option, specify the age in seconds. This value
corresponds to the
Time to Live (TTL) value described in the Cookie specification.
Cookie path
Sets the paths on the server that define where the browser sends the session tracking
cookie. Specify any string that represents a path on the server:
– Use the context root
– Set cookie path, which is also the default option (use the forward slash (/) to indicate
the root directory).
Specifying a value restricts the paths to which the cookie is sent. By restricting paths, you
can keep the cookie from being sent to certain URLs on the server. If you specify the root
directory, the cookie is sent no matter which path on the given server is accessed.
28.3 Storing session information
By default, WebSphere places session objects in memory as local session cache. However,
the administrator can enable persistent session management to place session objects in a
persistent store.
Administrators must enable persistent session management in the following situations:
In a distributed environment, when the user’s session data must be recovered by another
cluster member after a cluster member in a cluster fails or is shut down.
The user’s session data is too valuable to lose through unexpected failure at the
application server.
The administrator desires better control of the session cache memory footprint by sending
cache overflow to a persistent session store.
28.3.1 Local sessions
Many web applications use the simplest form of session management, which is the
in-memory, local session cache. The local session cache keeps session information in
memory and local to the WebSphere Application Server where the session information was
first created.
Local session management does not share user session information with other clustered
servers. The local session management lacks a persistent store for the sessions it manages.
A server failure eliminates the WebSphere Application Server instances and also destroys
any sessions that are managed by those instances.
The administrator can define a limit on the number of sessions that are held in the in-memory
cache by specifying the
Maximum in-memory session count setting, as shown in 28.2.1,
“Session management properties” on page 966. The session manager also permits an
unlimited number of sessions in memory by enabling the
Allow overflow setting. If you
choose to enable session overflow, monitor the state of the session cache closely for
performance purpose.
Chapter 28. Session management 973
28.3.2 Persistent sessions management
WebSphere Application Server provides the following options for persistent session
management:
Database session persistence, where sessions are stored in the database specified.
Memory-to-memory session replication using the data replication service available in
distributed server environments.
In a distributed environment, you can have both these two session mechanism options, as
shown in Figure 28-5. In a stand-alone environment, you can only set the database session
persistence.
Figure 28-5 Persistent session options
All information that is stored in a persistent session store must be serialized. As a result, all of
the objects that are held by a persistent session store must implement java.io.Serializable. In
general, consider making all objects that are held by a session serialized, even if immediate
plans do not call for the use of persistent session management. Enabling this feature makes
the transition between local and persistent management occur transparently.
The session manager maintains a cache of the most recently used sessions in memory. If it
cannot find the session information from the cache, session manager queries the persistent
storage. Retrieving a user session from the cache eliminates a more expensive retrieval from
the persistent store. Session data is stored to the persistent store based on your selections
for write frequency and write content option.
WAS
Web
container
WAS
Web
container
Database
Database
persistent
sessions
WAS
Web
container
WAS
Web
container
Data
replication
service
WAS
(Store)
Get WebSphere Application Server V8.5 Administration and Configuration Guide for the Full Profile now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
