HTTP Sessions
A unique session ID can be created on the initial request to a servlet. The session ID is then sent on each subsequent request, either via the JSESSIONID cookie (most commonly used), or by URL rewriting, where the session ID is appended to the URL.
The HttpSession object is a function of the HttpRequest and can be obtained by calling the req.getSession() method. This method then uses the provided session ID and the application being requested to find the correct HTTPSession object.
HTTP Session Management settings can be configured in WebSphere at the Web Container, Application, or Web Module levels. The Application level can override the Web Container level for a specific application, and the Web Module level can override both Application and Web Container levels for a specific Web Module.
HTTP Session objects can be maintained across other application servers (Session replication), a database (Database session persistence), or a data grid (WebSphere eXtreme Scale session replication). This allows sessions to continue to be accessed in the event a request is sent to a different application server in the same cell.
Configuring session management by level – IBM Documentation
Best practices for using HTTP sessions – IBM Documentation
HTTP session problems – IBM Documentation
MustGather: Sessions and Session Management Problems in WebSphere Application Server and Liberty
“IBM prides itself on delivering world class software support with highly skilled, customer-focused people. ”
Contact Support