6.1.5 Session management

Web browsers and e-commerce sites use HTTP to communicate. In the case of an HTTP client interacting with a servlet, the state information associated with a series of client requests is represented as an HTTP session, and identified by a session ID. The Servlet 2.3 specification defines that, after a session has been created, all following requests need to go to the same application server that created the session.

However, in a clustered environment, there is more than one application server that can serve the client request. Therefore, the Web server plug-in needs to read a request and be able to identify which cluster member should handle it. Session identifiers are used to do this. They allow the plug-in to pick the correct cluster member and Web container to retrieve the current session object.

The session manager module that is part of each Web container is responsible for managing HTTP sessions, providing storage for session data, allocating session IDs, and tracking the session ID associated with each client request.

WebSphere Commerce supports two types of session management: cookie-based and URL rewriting.

xxxx