When you configure session management at the web container level, all applications and the respective web modules in the web container normally inherit that configuration, setting up a basic default configuration for the applications and web modules below it. However, you can set up different configurations individually for specific applications and web modules that vary from the web container default. These different configurations override the default for these applications and web modules only.
An enterprise application can contain web modules, and so can an OSGi application. At the web container level and at the application level, the process for configuring HTTP sessions is the same whether the web module is part of an enterprise application or an OSGi application. For enterprise applications only, you can also configure HTTP sessions at the web module level.