Discussions

Web tier: servlets, JSP, Web frameworks: HTTPSession scope, multiple WAR's, multiple EAR's

  1. HTTPSession scope, multiple WAR's, multiple EAR's (4 messages)

    My company is using IBM Websphere Application Server 4.0.5

    This is our situation:

    -- foo.ear contains a.war, b.war, and c.war

    -- bar.ear contains d.war

    -- pog.ear contains e.war and f.war

    Our applications use a custom authentication mechanism.

    After authenticating a user, we store the user's identity
    in the HTTPSession object.

    After the user has logged in, we want that user to be able to access
    any of the 6 web applications ("single sign-on").

    To do this, all 6 web applications must share a single HTTP
    session.

    Is this possible to do in Websphere Application Server 4.0.5?

    If not, is this possible to do in Websphere 5.0.2?

    The Servlet 2.3 specification states:

    {{

    SRV.7.3 Session Scope

    HttpSession objects must be scoped at the application (or servlet context)
    level.

    The underlying mechanism, such as the cookie used to establish the session,
    can be the same for different contexts, but the object referenced, including
    the attributes in that object, must never be shared between contexts by the
    container.

    To illustrate this requirement with an example: if a servlet uses the
    RequestDispatcher to call a servlet in another web application, any sessions
    created for and visible to the callee servlet must be different from those visible to
    the calling servlet.

    }}

    Thanks in advance.

    Related information
    ===================

    Servlet specification

     http://java.sun.com/products/servlet/

    Websphere Application Server 5.0 documentation:

     http://publib7b.boulder.ibm.com/wasinfo1/en/info/aes/ae/cprs_sesm.html

     http://publib7b.boulder.ibm.com/wasinfo1/en/info/aes/ae/tprs_sharing_data.html

     http://publib7b.boulder.ibm.com/wasinfo1/en/info/aes/ae/rtrb_httpsessprobs.html

    Threaded Messages (4)

  2. Hi Sean,

    Tangosol's Coherence can accomplish this out-of-the-box with WebSphere 4.x and 5.x. The current implementation uses our Replicated Cache to store the sessions. We have a new release (installed at some beta sites) which allows you to use any of Coherence's caching schemes (Replicated, Distributed, Near, etc.) to store the sessions and will work with any Servlet 2.2, 2.3 or 2.4 containers.

    Later,
    Rob Misek
    Tangosol Coherence: Cluster your Work. Work your Cluster.
    Coherence Forums.
  3. Websphere...[ Go to top ]

    Rob,

    Thanks for the information about Coherence.

    However, I thought that Coherence was a data replication solution for clustered environments.

    I do not have a clustered environment. I have a single instance of Websphere.

    I want to share session data across EAR's. All of the EAR's are running in the same instance of Websphere.

    -Sean
  4. Websphere...[ Go to top ]

    Hi Sean,

    The Coherence solution would work in a single-server instance as well. And allows you to share those sessions amongst the EARs.

    Later,
    Rob Misek
    Tangosol Coherence: Cluster your Work. Work your Cluster.
    Coherence Forums.
  5. IBM Websphere 5.0, Websphere 4.x[ Go to top ]

    IBM Redbook

    WebSphere Application Server V5: Sharing Session Context
    http://publib-b.boulder.ibm.com/Redbooks.nsf/RedbookAbstracts/tips0215.html?Open


    Is it possible to do the same thing in Websphere 4.x?