Assembling so that session data can be shared
By default, the session management facility supports session scoping by web module in accordance with the Servlet 2.3 and later API specification. Only servlets in the same web module can access the data associated with a particular session. However, you can use the IBMApplicationSession object or the IBM® extension, shared session context, to share data outside of the web module scope.
About this task
The IBMApplicationSession object is a parent session object that can be retrieved by a web module’s session and can share session attributes across all of the web modules in a business-level application. The default scope of the business-level application is the enterprise application. The shared session context option extends the scope of the session attributes as well. Using the shared session context extension, there is only one session object for the entire business-level application or for the default enterprise application.
If you are using a shared session for a business-level application, then the class files for all objects placed in the session must exist in an isolated shared library and be common among all applications.
The benefit to
using the IBMApplicationSession method is that each web module can maintain its own session and have
a reference to the shared session. In other words, multiple requests from the clients, each
specifying a unique web application, result in multiple sessions with a shared session ID. You can
invalidate any of the sessions that share a session ID without affecting other sessions. If another
web application has that session ID in use, new requests from the clients reuse the session ID.
After all the sessions for the session ID are invalidated, and if no web application is using that
session ID, new requests from the client do not reuse the session ID.
If you’re migrating an application from a previous version of the product, the IBMApplicationSession method requires a change to the application logic of the application.
For enterprise applications that have this shared session context extension enabled,
one session object is shared across multiple web modules inside a single enterprise application.
Therefore, one session ID is used among different web modules. The session management configuration
on the web module inside the enterprise application is ignored. The session management configuration
defined on the enterprise application is used if the session management is overwritten at the
enterprise application level. Otherwise, the session management configuration on the web container
is used. If using multiple enterprise applications within a business-level application, the session
management configuration must be common among all applications and web modules within the
business-level application.
Complete the following to share session data across the business-level application.