In WSO2 Application Server, the http sessions of web applications are handled by the underlying embedded tomcat instance. By default, tomcat provides two classes to manage the sessions of web applications: "StandardManager" and "PersistenceManager".
Additionally, the following features are available in AS for managing the sessions of web applications:
- In the webapp management UI, a list of all the active sessions are listed.
- Sessions are terminated when the session is inactive for the specified session expiry time. Sessions can also be explicitly terminated using the management console.
Please note that this UI-based session termination still does not work in a clustered setup. The sessions will be terminated only on the node from which the UI was loaded. Also, if you have a clustered environment, you can read more about HTTP sessions replications in a clustered environment.
In WSO2 Application Server, "CarbonTomcatSessionManager" and "CarbonTomcatSessionPersistentManager" are the extensions to "StandardManager" and "PersistenceManager" implementations respectively. The main feature of these two manager implementations is that both are tenant aware and ensures that the sessions of one tenant cannot be accessed by other tenants. "CarbonTomcatSessionPersistentManager" has the capability to store the currently active and idle sessions to a storage scheme specified by the “Store” configuration. By default, there are two types of stores that can be used with the "PersistanceManager". They are File-based store and JDBC-based store. See the tomcat documentation for more information on these storage implementations.
You can enable "CarbonTomcatSessionPersistentManager" (session persistence) for web applications by updating the context.xml file stored in the <AS_HOME>/repository/conf/tomcat folder. See the following topics for instructions:
Enabling File-based store
Open the context.xml file and add the following to enable a File-based store with CarbonTomcatSessionPersistentManager.
<!-- File based carbon tomcat session persistence manager →
<Manager className='org.wso2.carbon.webapp.mgt.CarbonTomcatSessionPersistentManager'>
<Store className='org.apache.catalina.session.FileStore' directory='<directory-name>'/>
</Manager>
Enabling JDBC-based store
Set up a MySQL database and create a new table using the following SQL command:
create table tomcat_sessions ( session_id varchar(100) not null primary key, valid_session char(1) not null, max_inactive int not null, last_access bigint not null, app_name varchar(255), session_data mediumblob, KEY kapp_name(app_name) );
The above table will be used by the JDBC store to swap out the sessions when required and to swap in the session when they are loaded back into the memory during a server restart.
The following is the default configuration in the
context.xmlfile for enabling a JDBC-based store using the MySQL database.<!-- JDBC based carbon tomcat session persistence manager → <Manager className='org.wso2.carbon.webapp.mgt.CarbonTomcatSessionPersistentManager'> <Store className="org.apache.catalina.session.JDBCStore" driverName="com.mysql.jdbc.Driver" connectionURL="jdbc:mysql://<host-name>/tomcat?user=<user-name>&password=<password>" sessionAppCol="app_name" sessionDataCol="session_data" sessionIdCol="session_id" sessionLastAccessedCol="last_access" sessionMaxInactiveCol="max_inactive" sessionTable="tomcat_sessions" sessionValidCol="valid_session" /> </Manager>- For the database connectivity from Application Server, we need to place the relevant JDBC connector driver in the
<AS_HOME>/repository/components/libdirectory and start the server.