6 Replies Latest reply on Mar 9, 2013 5:34 AM by fidox

    JBoss 6 persistent http session

    zmb668

      Hi Everybody!

       

      Is there any way to configure JBoss 6 to retain http sessions across server restarts?

        • 1. Re: JBoss 6 persistent http session
          mp911de
          • 2. Re: JBoss 6 persistent http session
            zmb668

            Thanks for the reply. This is the only way to persist sessions? I would like to save in the local file system.

            • 3. Re: JBoss 6 persistent http session
              jaikiran

              It's already persisted by default in filesystem (in the "work" folder). However,  the work folder by default is deleted when a context is destroyed (i.e. application undeployed). You can configure it to be persistent across server restarts by setting the deleteWorkDirOnContextDestroy to false in the JBOSS_HOME/server/<servername>/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml:

               

              <!--Flag to delete the Work Dir on Context Destroy -->
                    <property name="deleteWorkDirOnContextDestroy">false</property>
              
              • 4. Re: JBoss 6 persistent http session
                amitev

                Is a similar configuration available in JBoss 7?

                • 5. Re: JBoss 6 persistent http session
                  fidox

                  I have configured the solution proposed on http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence and others like to configure the <Manager> in the context.xml using both file and db storage. But in JBoss-6.0.0.Final simply does not work. May be a bug?

                  I have done several tests and on all of them the sessions are properly stored in the configured persistence. But if I redeploy the application or restart the JBoss server it will ignore the persisted sessions and require me a new login instead of reuse the previous one. I have checked that the SessionID is stored in the session persistence and the browser is sending the correct cookie.

                   

                  I have attached a test case for JBoss-6.0.0.Final. It is configured as http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence

                   

                  Simply add this line to the file jboss-6.0.0.Final/server/default/data/hypersonic/localDB.script (You could use your own mysql datasource if you want)

                   

                  CREATE TABLE httpsessions (app VARCHAR(255) NOT NULL, id VARCHAR(255) NOT NULL, fullId VARCHAR(255) NOT NULL, creationtime BIGINT NOT NULL,  maxinactive BIGINT NOT NULL, version INT NOT NULL, lastaccess BIGINT NOT NULL,  isnew CHAR(1) NOT NULL, valid CHAR(1) NOT NULL, metadata VARBINARY NULL,  attributes LONGVARBINARY NOT NULL,  CONSTRAINT app_id PRIMARY KEY (app, id))

                  Then, deploy the application and go to localhost:8080/web In the login form enter the credentials: user:password If suecssfull login you will get a 'ok' (see index.html) Then, you can see how the session is stored in the database:

                   

                  $ cat jboss-6.0.0.Final/server/default/data/hypersonic/localDB.log

                  You will get somethig like that:

                   

                  ...

                  DELETE FROM HTTPSESSIONS WHERE APP='/web' AND ID='vIUYhSZDkw7fjCnEealRFA__'

                  INSERT INTO HTTPSESSIONS VALUES('/web','vIUYhSZDkw7fjCnEealRFA__','vIUYhSZDkw7fjCnEealRFA__',1351177671379,1800,9,1351178495217,'0...

                  COMMIT

                  If you redeploy the application using:

                   

                  $ touch jboss-6.0.0.Final/server/default/deploy/test.ear/META-INF/application.xml

                  And then reload your browser on localhost:8080/web, you will be prompted to enter the user/password again, even the sesion id has been stored. You get this behavior too using the native jbossweb.sar/context.xml <Manager> configuration.

                   

                  Anybody can say me if I have lost some configuration or really it is a bug? I have done a lot of permutations between several configurations but always get the same results.

                   

                  I put a link with the test case because I don't know how to attach it to the forum:

                   

                  http://kcy.me/bww8

                   

                  Greetings.

                  • 6. Re: JBoss 6 persistent http session
                    fidox

                    At the end I've discovered why this doesn't work for me. I'm using JAAS as an authentication framework, os even the session data is correctly persisted, the JAAS principal is not so the user autenthication will be lost and the user will need to relogin even if their session is persisted. The only solution I've found for this is use a cluster:

                     

                    http://corecanarias.blogspot.com.es/2013/03/jaas-persistent-sessions-with-jboss-6.html