Assembling so that session data can be shared
By default, the session management facility supports session scoping by web module in accordance with the Servlet 2.3 and later API specification. Only servlets in the same web module can access the data associated with a particular session. However, you can use the IBMApplicationSession object or the IBM® extension, shared session context, to share data outside of the web module scope.
About this task
The IBMApplicationSession object is a parent session object that can be retrieved by a web module’s session and can share session attributes across all of the web modules in a business-level application. The default scope of the business-level application is the enterprise application. The shared session context option extends the scope of the session attributes as well. Using the shared session context extension, there is only one session object for the entire business-level application or for the default enterprise application.
If you are using a shared session for a business-level application, then the class files for all objects placed in the session must exist in an isolated shared library and be common among all applications.
The benefit to using the IBMApplicationSession method is that each web module can maintain its own session and have a reference to the shared session. In other words, multiple requests from the clients, each specifying a unique web application, result in multiple sessions with a shared session ID. You can invalidate any of the sessions that share a session ID without affecting other sessions. If another web application has that session ID in use, new requests from the clients reuse the session ID. After all the sessions for the session ID are invalidated, and if no web application is using that session ID, new requests from the client do not reuse the session ID.
If you’re migrating an application from a previous version of the product, the IBMApplicationSession method requires a change to the application logic of the application.
For enterprise applications that have this shared session context extension enabled, one session object is shared across multiple web modules inside a single enterprise application. Therefore, one session ID is used among different web modules. The session management configuration on the web module inside the enterprise application is ignored. The session management configuration defined on the enterprise application is used if the session management is overwritten at the enterprise application level. Otherwise, the session management configuration on the web container is used. If using multiple enterprise applications within a business-level application, the session management configuration must be common among all applications and web modules within the business-level application.
HttpSession listeners that are defined in all the web modules inside the business-level application or enterprise application are invoked for session events. The order of listener invocation is not guaranteed.Complete the following to share session data across the business-level application.