InfoCenter Home >
3: Migration overview >
3.3: Migrating APIs and specifications >
3.3.6: Migrating session management

3.3.6: Migrating session management

Migration from Version 3.x

Some API changes are required in order to redeploy existing applications on Version 4.0. These include changes to the HttpSession API itself as well as issues associated with moving to support for the Servlet 2.2 specification.

Certain access methods have been deprecated in Version 4.0. These deprecated APIs still work in Version 4.0, but they may be removed in a future version of the product. Changes are summarized in the following table:

Wherever you use... Use this instead
getValue() getAttribute()
getValueNames() getAttributeNames()
removeValue() removeAttribute()
putValue() setAttribute()

In accordance with the Servlet 2.2 specification, HttpSession objects must be scoped within a single Web application context; they may not be shared between contexts. This means that a session can no longer span Web applications. Objects added to a session by a servlet or JSP in one Web application cannot be accessed from another Web application. The same session ID may be shared (because the same cookie is in use), but each Web application will have a unique session associated with the session ID.

Relative to session security, the default Session Manager setting for Integrate Security is now false. This is different from the default setting in some earlier releases.

In addition, you may want to review the tuning options now available (article 4.4.1.1.7).

In previous releases of the product, JSPs that contained the usebean tag with scope set to session did not always work properly when session persistence was enabled. Specifically, the JSP writer needed to write a scriplet to explicitly set the attribute (that is, call setAttribute()) if it was changed as part of JSP processing. Two new features in Version 4.0 help address this problem:

The differences between the two solutions are summarized in the following table:

  Applies to... Configured at ... Action
dosetattribute set to true JSP JSP enabler Assures that JSP session-scoped beans always call setAttribute()
Write Contents option set to Write all servlet or JSP application server All session data (changed or unchanged) is written to the database

If session persistence is enabled and a class reload for the Web application occurs, the sessions associated with the Web application are maintained in the persistent store and will be available after the reload.

Some of these differences might impact how you choose to track and manage sessions.

Migration from Version 2.0x

Relative to Version 2.0x, Version 3.0x introduced some changes to session support. See the Related information.

Go to previous article: Migrating to supported user profile APIs Go to next article: Migrating from Version 2.0 session support

 

 
Go to previous article: Migrating to supported user profile APIs Go to next article: Migrating from Version 2.0 session support