PQ55940; 4.0.1: Session ID shared in a multi-JVM
environment with no persistence
Downloadable files
Abstract
Session ID will be shared across Web Applications in a
Multi-JVM environment even when session persistence is not
configured.
Download Description
PQ55940 resolves the following problem:
USERS AFFECTED:
WebSphere Application Server - Session Manager Users
PROBLEM DESCRIPTION:
Session ID needs to be shared across Web Applications in a Multi-JVM
environment without session persistence configured.
In a Multi-JVM environment without session persistence, requests can be
sent to different Web applications. Since session persistence is not
enabled, the session manager cannot determine whether it is a valid
session id or not if the session object does not exist in that JVM. This
will cause a new session object to be created in the Web applications
where this session object does not exist. With this fix, you can use a
system property called HttpSessionIdReuse which will cause the session
manager to use a sessionid sent from a browser.
PROBLEM CONCLUSION:
A fix has been made so that session ids can be shared across Web
applications without using persistence.
Directions for applying the System Property:
1. Specify the System Property HttpSessionIdReuse = true Specifying the
property using Administrative console.
a. Under WebSphere Administrative Domain, Expand Nodes
b. Expand Application Servers
c. Expand Default Server
d. Expand Process Definition
e. Select JVM Settings, in the right hand panel under Advanced Settings,
Click on System Properties.
f. Click New button, Specify Name as HttpSessionIdReuse and Value as
true. Click OK.
g. Save the configuration changes.
2. Stop the Server
3. Start the Server.
Prerequisites
None
Installation instructions
Please refer to the readme.txt for installation instructions