3

This is just the continuation of this post.

I'm coming from ASP.NET world. In ASP.NET I had a few options to store the session: "In proc" and "Out Proc" which mean the session will be serialized and stored either in database or in Session management service. This practice is also relevant to load balancing if I don't want to have my session sticky.

what is the Java/tomcat alternate solution for such cases? How can I store out of proc session?
What is the load balancer solution?

Thank you in advance.

Community
  • 1
  • 1
danny.lesnik
  • 18,479
  • 29
  • 135
  • 200
  • Consider poking around in the spring source. I see that there is a org.springframework.web.bind.support.SessionAttributeStore which leads me to believe that you can extend this class and perhaps implement an "out proc" session storage mechanism of your own. – DwB Nov 13 '10 at 20:30

2 Answers2

2

There is no built-in "out proc" session type for J2EE (at least, not one that is known to me). If you need to store "session" type data, but can not use the HttpSession to do so, then you will have to roll your own solution. This is likely to involve the following:

  • A session identifier that is stored on the client. You will want to use an identifier that is not easily spoofed if your application faces the Internet (versus an internal only app).
  • An API (maybe just a few classes) on the server side to retreive the session information from somewhere (perhaps a central database).
DwB
  • 37,124
  • 11
  • 56
  • 82
0

https://wiki.jasig.org/display/CAS4UM/JPA+Session+Storage

Alex
  • 5,909
  • 2
  • 35
  • 25