WAS v8.5 > Develop applications > Develop web applicationsAssemble so that session data can be shared
By default, the session management facility supports session scoping by web modules in accordance with the Servlet 2.3 and later API specification. Only servlets in the same web module can access the data associated with a particular session. However, we can use the IBMApplicationSession object or the IBM extension, shared session context, to share data outside of the web module scope.
The IBMApplicationSession object is a parent session object that can be retrieved by a web module's session and can share session attributes across all of the web modules in a business-level application. The default scope of the business-level application is the enterprise application. The shared session context option extends the scope of the session attributes as well. Using the shared session context extension, there is only one session object for the entire business-level application or for the default enterprise application.
If we are using a shared session for a business-level application, then the class files for all objects placed in the session must exist in an isolated shared library and be common among all applications.
The benefit to using the IBMApplicationSession method is that each web module can maintain its own session as well as have a reference to the shared session.
If you’re migrating an application from a previous version of the product, the IBMApplicationSession method requires a change to the application logic of the application.
Restriction: To use a shared session, install all applications within a business-level application on a given server. We cannot split up the enterprise application by servers. For example, we cannot use this option when one enterprise application in"BLA1" is installed on one server and a second enterprise application also in"BLA1" is installed on a different server. In such split installations, applications might share session attributes across web modules using distributed sessions, but session data integrity is lost when concurrent access to a session is made in different web modules. It also severely restricts use of some session management features, like TIME_BASED_WRITES.
For enterprise applications on which this shared session context extension is enabled, the session management configuration on the web module inside the enterprise application is ignored. Then session management configuration defined on enterprise application is used if session management is overwritten at the enterprise application level. Otherwise, the session management configuration on the web container is used. If using multiple enterprise applications within a business-level application, the session management configuration must be common among all applications and web modules within this business-level application. HttpSession listeners that are defined in all the web modules inside the business-level application or enterprise application are invoked for session events. The order of listener invocation is not guaranteed.
Complete the following to share session data across the business-level application.
- Complete the following to share session data using the IBMApplicationSession object within the application code.
- Retrieve the session object
HttpSession session = request.getSession();
- Cast this object to an IBMSession object and call the getIBMApplicationSession method.
IBMApplicationSession appSession = ((IBMSession)session).getIBMApplicationSession();
- Use the appSession like a normal session object.
- Do the following to share session data using the Shared session context extension.
- Start an assembly tool.
- In the assembly tool, right-click the application (EAR file) to share and click Open With > Deployment Descriptor Editor.
- In the application deployment descriptor editor of the assembly tool, select...
WebSphere Extensions | Shared session context
Verify the class definition of attributes put into session are available to all web modules in the enterprise application. The shared session context does not fully meet the requirements of the specifications.
- Save the application (EAR) file. In the assembly tool, after you close the application deployment descriptor editor, confirm to save changes made to the application.
Related concepts:
Session management support
Business-level applications
Development and assembly tools
HTTP session problems