6 Replies Latest reply: Mar 9, 2013 5:34 AM by Israel E. Bethencourt RSS

JBoss 6 persistent http session

Böszörményi Péter Newbie

Hi Everybody!

 

Is there any way to configure JBoss 6 to retain http sessions across server restarts?

  • 2. Re: JBoss 6 persistent http session
    Böszörményi Péter Newbie

    Thanks for the reply. This is the only way to persist sessions? I would like to save in the local file system.

  • 3. Re: JBoss 6 persistent http session
    jaikiran pai Master

    It's already persisted by default in filesystem (in the "work" folder). However,  the work folder by default is deleted when a context is destroyed (i.e. application undeployed). You can configure it to be persistent across server restarts by setting the deleteWorkDirOnContextDestroy to false in the JBOSS_HOME/server/<servername>/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml:

     

    <!--Flag to delete the Work Dir on Context Destroy -->
          <property name="deleteWorkDirOnContextDestroy">false</property>
    
  • 4. Re: JBoss 6 persistent http session
    Adrian Mitev Master

    Is a similar configuration available in JBoss 7?

  • 5. Re: JBoss 6 persistent http session
    Israel E. Bethencourt Newbie

    I have configured the solution proposed on http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence and others like to configure the <Manager> in the context.xml using both file and db storage. But in JBoss-6.0.0.Final simply does not work. May be a bug?

    I have done several tests and on all of them the sessions are properly stored in the configured persistence. But if I redeploy the application or restart the JBoss server it will ignore the persisted sessions and require me a new login instead of reuse the previous one. I have checked that the SessionID is stored in the session persistence and the browser is sending the correct cookie.

     

    I have attached a test case for JBoss-6.0.0.Final. It is configured as http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence

     

    Simply add this line to the file jboss-6.0.0.Final/server/default/data/hypersonic/localDB.script (You could use your own mysql datasource if you want)

     

    CREATE TABLE httpsessions (app VARCHAR(255) NOT NULL, id VARCHAR(255) NOT NULL, fullId VARCHAR(255) NOT NULL, creationtime BIGINT NOT NULL,  maxinactive BIGINT NOT NULL, version INT NOT NULL, lastaccess BIGINT NOT NULL,  isnew CHAR(1) NOT NULL, valid CHAR(1) NOT NULL, metadata VARBINARY NULL,  attributes LONGVARBINARY NOT NULL,  CONSTRAINT app_id PRIMARY KEY (app, id))

    Then, deploy the application and go to localhost:8080/web In the login form enter the credentials: user:password If suecssfull login you will get a 'ok' (see index.html) Then, you can see how the session is stored in the database:

     

    $ cat jboss-6.0.0.Final/server/default/data/hypersonic/localDB.log

    You will get somethig like that:

     

    ...

    DELETE FROM HTTPSESSIONS WHERE APP='/web' AND ID='vIUYhSZDkw7fjCnEealRFA__'

    INSERT INTO HTTPSESSIONS VALUES('/web','vIUYhSZDkw7fjCnEealRFA__','vIUYhSZDkw7fjCnEealRFA__',1351177671379,1800,9,1351178495217,'0...

    COMMIT

    If you redeploy the application using:

     

    $ touch jboss-6.0.0.Final/server/default/deploy/test.ear/META-INF/application.xml

    And then reload your browser on localhost:8080/web, you will be prompted to enter the user/password again, even the sesion id has been stored. You get this behavior too using the native jbossweb.sar/context.xml <Manager> configuration.

     

    Anybody can say me if I have lost some configuration or really it is a bug? I have done a lot of permutations between several configurations but always get the same results.

     

    I put a link with the test case because I don't know how to attach it to the forum:

     

    http://kcy.me/bww8

     

    Greetings.

  • 6. Re: JBoss 6 persistent http session
    Israel E. Bethencourt Newbie

    At the end I've discovered why this doesn't work for me. I'm using JAAS as an authentication framework, os even the session data is correctly persisted, the JAAS principal is not so the user autenthication will be lost and the user will need to relogin even if their session is persisted. The only solution I've found for this is use a cluster:

     

    http://corecanarias.blogspot.com.es/2013/03/jaas-persistent-sessions-with-jboss-6.html