InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.11: Administering HTTP session support (overview) >
6.6.11.0: Session Manager properties

6.6.11.0: Session Manager properties

Key:
Property name in the Java-based administrative console Applies to Java administrative console of Advanced Edition Version 4.0
Property name in the Web-based administrative console Applies to Web administrative console of Advanced Single Server Edition Version 4.0
Property name in the application client resource configuration tool Applies to Application Client Resource Configuration Tool

Application Server  Property name in the Java-based administrative console
The application server with which the Session Manager is associated
Allow Overflow  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Whether to allow the number of sessions in memory to exceed the value specified by Max In Memory Session Count property
Cookie Domain  Property name in the Java-based administrative console or Domain  Property name in the Web-based administrative console
The value of the domain field of a session tracking cookie. This value will dictate to the browser whether or not to send a cookie to particular servers. For example, if you specify a particular domain, session cookies will be sent only to hosts in that domain. The default domain is the server.
Cookie Maximum Age  Property name in the Java-based administrative console or Maximum Age  Property name in the Web-based administrative console
The amount of time that the cookie will live on the client browser.

Specify that the cookie will live only as long as the current browser session, or to a maximum age. If you choose the maximum age option, specify the age in seconds.

This value corresponds to the Time to Live (TTL) value described in the Cookie specification.

For Advanced Single Server Edition, use -1 to specify the current browser session.

Cookie Name  Property name in the Java-based administrative console or Name  Property name in the Web-based administrative console
A unique name for the cookie. The name must be JSESSIONID as specified in the Servlet 2.2 API
Confirm Password  Property name in the Java-based administrative console
Enter the password a second time to ensure it recorded correctly
Cookie Path  Property name in the Java-based administrative console or Path  Property name in the Web-based administrative console
This dictates browser whether cookie is sent to the URI requested based on the path. Specify any string representing a path on the server. "/" indicates root directory.

Specify a value in order to restrict the paths to which the cookie will be sent. By restricting paths, you can keep the cookie from being sent to certain URLs on the server. If you specify the root directory, the cookie will be sent no matter which path on the given server is accessed.

Data Source JNDI Name  Property name in the Web-based administrative console or Data Source  Property name in the Java-based administrative console
The JNDI name of the non-JTA enabled data source from which the Session Manager will obtain database connections.

For example, if the JNDI name of the datasource is "jdbc/sessions", specify "jdbc/sessions."

The data source represents a pool of database connections and a configuration for that pool (such as the pool size). The data source must already exist as a configured resource in the environment.

Data Source  Property name in the Java-based administrative console
See Data Source JNDI Name
DB2 Row Size  Property name in the Java-based administrative console  Property name in the Web-based administrative console
The tablespace page size configured for the sessions table, if using a DB2 database. Possible values are 4, 8, 16, and 32 kilobytes (K).

The default row size is 4K. In DB2, it can be updated to a larger value. This can help database performance in some environments.

When this value is other than 4, you must specify Table Space Name to use. For 4K pages, the Table Space Name is optional.

Domain  Property name in the Web-based administrative console
See Cookie Domain
Enable Cookies  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Whether session tracking will use cookies to carry session IDs. If cookies are enabled, session tracking will recognize session IDs that arrive as cookies and try to use cookies for sending session IDs. If cookies are not enabled, session tracking will use URL rewriting instead of cookies (if URL rewriting is enabled). Enabling cookies takes precedence over URL rewriting.

  For Advanced Single Server Edition, do not disable cookies in the Session Manager of the application server that is running the administrative application, because it will cause the administrative application not to function after a restart of the server. An alternative is to run the administrative application in a separate process from your applications.

Enable Persistent Sessions  Property name in the Java-based administrative console  Property name in the Web-based administrative console
When persistent sessions are enabled, the Session Manager will persist session information into the data source specified by the data source connection settings. Otherwise, the Session Manager will discard the session data when the server shuts down.
Enable Protocol Switch Rewriting  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Whether the session ID is added to a URL when the URL requires a switch from HTTP to HTTPS or from HTTPS to HTTP. If rewriting is enabled, the session ID is required in order to go between HTTP and HTTPS.
Enable Security Integration  Property name in the Web-based administrative console or Integrate with WebSphere Security  Property name in the Java-based administrative console
When security integration is enabled, the Session Manager will associate the identity of users with their HTTP sessions.

  Do not enable this property if the application server contains a Web application that has Form Login configured as the authentication method and local operating system is the authentication mechanism. It will cause authorization failures when user agents try to use the Web application.

Enable SSL Tracking  Property name in the Web-based administrative console or Enable SSL ID Tracking  Property name in the Java-based administrative console
Whether session tracking uses SSL to carry session IDs. Enabling SSL tracking takes precedence over cookie-based session tracking and URL rewriting.
Enable SSL ID Tracking  Property name in the Java-based administrative console
See Enable SSL Tracking
Enable URL Rewriting  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Specifies whether the Session Manager uses rewritten URLs to carry the session IDs. If URL rewriting is enabled, the Session Manager recognizes session IDs that arrive in the URL if the encodeURL method is called in the servlet
First Hour  Property name in the Web-based administrative console or First Time of Day (0 - 23)  Property name in the Java-based administrative console
The first hour during which the invalidated persistent sessions will be cleared from the database. This value must be a positive integer between 0 and 23. This is valid only when schedule invalidation is enabled.
First Time of Day (0 - 23)  Property name in the Java-based administrative console
See First Hour
Integrate with WebSphere Security  Property name in the Java-based administrative console
See Enable Security Integration
Invalidation Timeout  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Specifies how long a session is allowed to go unused before it will be considered valid no longer.

For Advanced Edition: Specify either "Set timeout" or "No timeout." If you select to set the timeout, the value must be at least two minutes, specified in minutes.

For Advanced Single Server Edition: Use a -1 to specify that the session will not be invalidated.

The value of this setting is used as a default when the session timeout is not specified in a Web module deployment descriptor.

Note, to preserve performance, the invalidation timer is not accurate "to the second." It is safe to assume that the timer is accurate to within two minutes. When the Write Frequency is time based, this value should be at least twice as large as the write interval.

Maximum Age  Property name in the Web-based administrative console
See Cookie Maximum Age
Max In Memory Session Count  Property name in the Web-based administrative console or Maximum In Memory Session Count  Property name in the Java-based administrative console
Specifies the maximum number of sessions to maintain in memory.

The meaning differs depending on whether you are using in-memory or persistent sessions. For in-memory sessions, this value specifies the number of sessions in the base session table. Use the Allow Overflow property to specify whether to limit sessions to this number for the entire Session Manager, or to allow additional sessions to be stored in secondary tables.

For persistent sessions, this value specifies the size of the memory cache for sessions. When the session cache has reached its maximum size and a new session is requested, Session Manager removes the least recently used session from the cache to make room for the new one.

Name  Property name in the Web-based administrative console
See Cookie Name
Node  Property name in the Java-based administrative console
The administrative node with which the Session Manager is associated
Password  Property name in the Java-based administrative console  Property name in the Web-based administrative console
The password for database access
Path  Property name in the Web-based administrative console
See Cookie Path
Restrict exchange of cookies to secure sessions  Property name in the Java-based administrative console or Secure  Property name in the Web-based administrative console
Whether session cookies include the secure field. Enabling the feature will restrict the exchange of cookies only to HTTPS sessions.
Schedule Invalidation  Property name in the Web-based administrative console or Specify session database cleanup schedule for invalidated sessions  Property name in the Java-based administrative console
Enables the scheduled invalidation process for cleaning up the invalidated HttpSessions from the sessions database. Enable this option to reduce the number of database updates that are required to keep the HttpSessions alive.

When this option is not enabled, the invalidator process runs every few minutes to remove invalidated HttpSessions.

When this option is enabled, this setting specifies the two hours of a day in which the invalidator process cleans up the invalidated persistent sessions in the database. Specify the times at which there will be less activity in the session database.

Second Hour  Property name in the Web-based administrative console or Second Time of Day (0 - 23)  Property name in the Java-based administrative console
The second hour during which the invalidated persistent sessions will be cleared from the database. This value must be a positive integer between 0 and 23. This is valid only when schedule invalidation is enabled.
Secure  Property name in the Web-based administrative console
See Restrict exchange of cookies to secure sessions

  For Advanced Single Server Edition, do not enable this feature in the Session Manager of the application server that is running the administrative application, because it will cause the administrative application not to function after a restart of the server. An alternative is to run the administrative application in a separate process from your applications.

Specify session database cleanup schedule for invalidated sessions  Property name in the Java-based administrative console
See Schedule Invalidation
Table Space Name  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Tablespace to be used for the sessions table. This value is required when the DB2 Page Size is other than 4K and session persistence is enabled.
User ID  Property name in the Web-based administrative console or Username  Property name in the Java-based administrative console
The user ID for database access
Use Multirow Sessions  Property name in the Java-based administrative console or Using Multirow Schema  Property name in the Web-based administrative console
Whether to place each instance of application data in a separate row in the database, allowing larger amounts of data to be stored for each session. This can yield better performance in certain usage scenarios. If using multirow schema is not enabled, instances of application data can be placed in the same row.
Username  Property name in the Java-based administrative console
See User ID
Using Multirow Schema  Property name in the Web-based administrative console
See Use Multirow Sessions
Write Contents  Property name in the Java-based administrative console  Property name in the Web-based administrative console
Whether only updated attributes should be written to the database. Otherwise, all of the session attributes will be written to the database, whether or not they have changed.
  • If you specify only updated attributes, only the updated attributes will be written to the database
  • If you specify all session attributes, all attributes will be written to the database
Write Frequency  Property name in the Java-based administrative console  Property name in the Web-based administrative console
When the session will be written to the database.

  • If you specify end of servlet service (END_OF_SERVLET_SERVICE), a session will be written to the database after the servlet completes execution.
  • If you specify manual update (MANUAL_UPDATE), programmatic sync on the IBMSession object will be required in order to write the session data to the database.
  • If you specify time based (TIME_BASED_WRITE), session data will be written to the database based on the specified Write Interval value.
Write Interval  Property name in the Web-based administrative console
If the Write Frequency is specified as TIME_BASED_WRITE, this value specifies how often the session data will be written to the database. The value must be a number of seconds, specified as a positive integer in the range from 5 to 9999. At minimum, a configured Invalidation Timeout should be twice as large as the configured write interval.

See also the other application server properties.

Go to previous article: Administering HTTP session support (overview) Go to next article: Administering session management with the Web console

 

 
Go to previous article: Administering HTTP session support (overview) Go to next article: Administering session management with the Web console