InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.11: Administering HTTP session support (overview) >
6.6.11.0: Session Manager properties

6.6.11.0: Session Manager properties

Allow Overflow
Specifies whether to allow the number of sessions in memory to exceed the value specified by Base In-memory Size property.

  • True - Allow overflow

  • False - Limit the number of sessions in memory to Base In-memory Size

Allow Overflow in use
Indicates the current value of the Allow Overflow property.

Base Memory Size
Specifies the number of sessions to maintain in memory. The meaning differs somewhat, depending on whether you are using in-memory or persistent sessions.

For in-memory sessions, this value specifies the number of sessions in the base session table. Use the Allow Overflow property to specify whether to limit sessions to this number for the entire Session Manager, or allow additional sessions to be stored in secondary tables.

For persistent sessions, this value specifies the size of the general cache. If the Cache property is enabled, the Base In-memory Size specifies how many session updates will be cached before the Session Manager reverts to reading session updates from the database automatically.

This value holds when you are using in-memory sessions, persistent sessions with caching, or persistent sessions with manual updates. (The manual update cache keeps the last n time stamps representing "last access" times, with n being the Base Memory Size value).

The default is 1000. How you customize this setting will depend on your hardware system, the usage characteristics of your site, and your willingness to increase the stack sizes of the Java processes for your Application Servers to accommodate a larger value.

Base Memory Size in use
Indicates the current value of the Base Memory Size property.

Cookie Comment
Specifies information about the cookie.

Cookie Domain
Specifies the value of the domain field of a session cookie. This value will restrict where the cookie is sent. For example, if you specify a particular domain, session cookies will be sent only to hosts in that domain.

Cookie Maximum Age
Specifies the maximum number of milliseconds the cookie will live on the client browser. Corresponds to the Time to Live (TTL) value described in the Cookie specification.

  • Legal Values:
    • Positive integer indicates age in milliseconds

    • -1 indicates the cookie persists for the current browser session

  • Default: -1

Cookie Name
Specifies a unique name for the cookie.
  • Default: sesessionid

Cookie Path
Specifies the value of the path field that will be sent for session cookies. Specify a value to restrict which paths on the server the cookie will be sent to. By restricting paths, you can keep the cookie from being sent to certain servlets, JHTML, and HTML files.

If you specify the root directory, the cookie will be sent whenever the given server is accessed.

  • Legal Values:
    • Any string representing path on server

    • Blank indicates the root directory "/"

Cookie Secure
Specifies whether session cookies include the secure field. Specify Yes to restrict the exchange of cookies to only HTTPS sessions.

Current state
Indicates the state the session manager is currently in. The next time it is started, it will try to change to its desired state setting.
Data Source
Specifies the data source object from which the Session Manager will obtain database connections.

The data source represents a pool of database connections and a configuration for that pool (for example, the maximum number of connections to allow -- the pool size).

Data Source in use
Indicates the data source currently in use.

Desired state
Indicates the state the session manager should have the next time it is started.
Enable Cookies
Specifies whether session tracking uses cookies to carry sessions IDs.
  • Yes - session tracking will recognize session IDs that arrive as cookies and tries to use cookies for sending session IDs

  • No - session tracking will use URL rewriting instead of cookies

Enable Persistent Sessions
Specifies whether to save session data in a database, or lose the session data when the server shuts down.
  • Yes - The session data is stored in a database for each session transaction

  • No - The session data is kept in memory for a single instance of the servlet engine

For changes to take effect, this property requires stopping and restarting the application server with which the session manager is associated.

Enable Persistent Sessions in use
Indicates whether session data will be saved in a database, or will be lost the session data when the server shuts down.

Enable Protocol Switch Rewriting
Specifies whether the session ID is added to URLs when the URL requires a switch from HTTP to HTTPS or HTTPS to HTTP.
  • Yes - The session ID is required in order to go between HTTP and HTTPS

  • No - The session ID is not required in order to go between HTTP and HTTPS

Enable Sessions
Specifies whether session tracking is enabled, meaning the session-related methods for the request and response objects will be functional.
  • True = The Session Manager is functional

  • False = The Session Manager exists but is not functional

Enable Sessions in use
Indicates whether session tracking is currently enabled.

Enable URL Rewriting
Specifies whether the Session Manager uses rewritten URLs to carry the session IDs. If it is enabled, the Session Manager recognizes session IDs that arrive in the URL and, if necessary, rewrites the URL to send the session IDs.

HttpSessionRandIDGen
Specifies whether session IDs are randomly generated. Random ID generation can affect performance of the Session Manager. To disable random ID generation, set this property to false.
HttpSessionSecurity
Associates a user identity with a session. To disable association, set this property to false.
Invalidate Time
Specifies the number of seconds a session is allowed to go unused before it will no longer be considered valid.

Legal values:

  • A positive integer represents the invalidate time in seconds

  • -1 specifies that the session will not be invalidated

Default: 1800 seconds (30 minutes)

  To preserve performance, the invalidation timer is not accurate "to the second." It is safe to assume that the timer is accurate to within two minutes.

You should be aware of the relationship of this setting and the Session Timeout setting of Web applications.

Number of connections
Specifies the maximum number of concurrent connections to establish with the database.

Number of connections in use
Indicates the maximum number of concurrent connections that will be permitted to be established with the database.

Password
Specifies the password for accessing the session database and tables.

Persistence Type
Specifies the mechanism to use for recording persistent session data.

Legal Values:

  • Direct to database

Persistence Type in use
Indicates the mechanism that is currently in use for recording persistent session data.

Servlet Engine (or Servlet Engine Choices)
Indicates the servlet engine with which the Session Manager is associated.

Session Manager Name
Specifies a unique name for the Session Manager.

Start Time
Indicates the most recent time the Session Manager was started.

User ID
Specifies the user ID for accessing the session database and tables.

User ID in use
Indicates the user ID currently in use for accessing the data source for the user session.

Using Cache
Specifies whether to maintain an in-memory list of the most recently used sessions. In some cases, the list (cache) can help avoid database accesses.

  • True - Maintain the list

  • False - Do not maintain the list

This value applies only when persistent sessions are enabled and the Persistence Type is "direct to database."

Using Cache in use
Indicates whether an in-memory list of the most recently used sessions will be maintained.

Using Manual Update

Specifies whether to automatically send session updates to the database. By default, Application Server updates the database with the last access time and any changes effected by the servlet, such as updating or removing application data.

With manual update, Application Server caches the last update times and updates the database asynchronously prior to checks for session invalidation. For other changes, servlet writers perform the updates themselves, using the sync method provided as part of the WebSphere extension to HttpSession, com.ibm.websphere.servlet.session.IBMSession.

  • False - Application Server automatically updates the database at the end of a servlet service() method

  • True - Servlets must call a sync method to update the database manually

This value applies only when persistent sessions are enabled and the Persistence Type is "direct to database."

Using Manual Update in use
Indicates whether manual update is currently in use.

Using Multirow Sessions
Specifies whether to place each instance of application data in a separate row in the database, allowing larger amounts of data to be stored per session. This can yield better performance in certain usage scenarios.

  • True - Place each instance of application data in a separate row of the database

  • False - Allow instances of application data to be placed in the same row

Using Multirow Sessions in use
Indicates whether multirow sessions are currently in use.

Using Native Access

Specifies whether to perform session persistence database updates using optimized JNI-based SQL access, written in the C programming language.

  • True - Use JNI-based SQL written in C to access databases

  • False - Use the JDBC default to access databases

This option is valid only if you are using IBM DB2 as your database.

Using Native Access in use
Indicates whether native access is currently in use.

Go to previous article: Administering HTTP session support (overview) Go to next article: Administering session support with the Java administrative console

 

 
Go to previous article: Administering HTTP session support (overview) Go to next article: Administering session support with the Java administrative console