It's already persisted by default in filesystem (in the "work" folder). However, the work folder by default is deleted when a context is destroyed (i.e. application undeployed). You can configure it to be persistent across server restarts by setting the deleteWorkDirOnContextDestroy to false in the JBOSS_HOME/server/<servername>/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml:
<!--Flag to delete the Work Dir on Context Destroy --> <property name="deleteWorkDirOnContextDestroy">false</property>
I have configured the solution proposed on http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence and others like to configure the <Manager> in the context.xml using both file and db storage. But in JBoss-6.0.0.Final simply does not work. May be a bug?
I have done several tests and on all of them the sessions are properly stored in the configured persistence. But if I redeploy the application or restart the JBoss server it will ignore the persisted sessions and require me a new login instead of reuse the previous one. I have checked that the SessionID is stored in the session persistence and the browser is sending the correct cookie.
I have attached a test case for JBoss-6.0.0.Final. It is configured as http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence
Simply add this line to the file jboss-6.0.0.Final/server/default/data/hypersonic/localDB.script (You could use your own mysql datasource if you want)
CREATE TABLE httpsessions (app VARCHAR(255) NOT NULL, id VARCHAR(255) NOT NULL, fullId VARCHAR(255) NOT NULL, creationtime BIGINT NOT NULL, maxinactive BIGINT NOT NULL, version INT NOT NULL, lastaccess BIGINT NOT NULL, isnew CHAR(1) NOT NULL, valid CHAR(1) NOT NULL, metadata VARBINARY NULL, attributes LONGVARBINARY NOT NULL, CONSTRAINT app_id PRIMARY KEY (app, id))
Then, deploy the application and go to localhost:8080/web In the login form enter the credentials: user:password If suecssfull login you will get a 'ok' (see index.html) Then, you can see how the session is stored in the database:
$ cat jboss-6.0.0.Final/server/default/data/hypersonic/localDB.log
You will get somethig like that:
DELETE FROM HTTPSESSIONS WHERE APP='/web' AND ID='vIUYhSZDkw7fjCnEealRFA__'
INSERT INTO HTTPSESSIONS VALUES('/web','vIUYhSZDkw7fjCnEealRFA__','vIUYhSZDkw7fjCnEealRFA__',1351177671379,1800,9,1351178495217,'0...
If you redeploy the application using:
$ touch jboss-6.0.0.Final/server/default/deploy/test.ear/META-INF/application.xml
And then reload your browser on localhost:8080/web, you will be prompted to enter the user/password again, even the sesion id has been stored. You get this behavior too using the native jbossweb.sar/context.xml <Manager> configuration.
Anybody can say me if I have lost some configuration or really it is a bug? I have done a lot of permutations between several configurations but always get the same results.
I put a link with the test case because I don't know how to attach it to the forum:
At the end I've discovered why this doesn't work for me. I'm using JAAS as an authentication framework, os even the session data is correctly persisted, the JAAS principal is not so the user autenthication will be lost and the user will need to relogin even if their session is persisted. The only solution I've found for this is use a cluster: