InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.11: Administering HTTP session support (overview) >
6.6.11.0: Session Manager properties
Key:
Applies to Java administrative console of Advanced Edition Version 4.0
Applies to Web administrative console of Advanced Single Server Edition Version 4.0
Applies to Application Client Resource Configuration Tool
-
Application Server
- The application server with which the Session Manager is associated
-
Allow Overflow
- Whether to allow the number of sessions in memory to exceed the value specified by
Max In Memory Session Count property
-
Cookie Domain
or Domain
- The value of the domain field of a session tracking cookie.
This value will dictate to the browser whether or not to send a cookie to particular servers.
For example, if you specify a particular domain, session cookies will be sent only to hosts
in that domain. The default domain is the server.
-
Cookie Maximum Age
or Maximum Age
- The amount of time that the cookie will live on the client browser.
Specify that the cookie will live only as long as the current browser session, or to a maximum age. If you
choose the maximum age option, specify the age in seconds.
This value corresponds to
the Time to Live (TTL) value described in the Cookie specification.
For Advanced Single Server Edition, use -1 to specify the current browser session.
-
Cookie Name
or Name
- A unique name for the cookie. The name must be JSESSIONID as specified in the Servlet 2.2 API
-
Confirm Password
- Enter the password a second time to ensure it recorded correctly
-
Cookie Path
or Path
- This dictates browser whether cookie is sent to the URI requested based on the path.
Specify any string representing a path on the server. "/" indicates root directory.
Specify a value in order to restrict the paths to which the cookie will be sent. By
restricting paths, you can keep the cookie from being sent to certain URLs on the server.
If you specify the root directory, the cookie will be sent no matter which path on the
given server is accessed.
-
Data Source JNDI Name
or Data Source
- The JNDI name of the non-JTA enabled data source from which the Session Manager will obtain database connections.
For example, if the JNDI name of the datasource is "jdbc/sessions", specify "jdbc/sessions."
The data source represents a pool of database connections
and a configuration for that pool (such as the pool size). The data source must already exist as a configured resource in the environment.
-
Data Source
- See Data Source JNDI Name
-
DB2 Row Size
- The tablespace page size configured for the sessions table, if using a DB2 database. Possible
values are 4, 8, 16, and 32 kilobytes (K).
The default row size is 4K. In DB2, it can be updated to a larger value. This can help database
performance in some environments.
When this value is other than 4, you must specify Table
Space Name to use. For 4K pages, the Table Space Name is optional.
-
Domain
- See Cookie Domain
-
Enable Cookies
- Whether session tracking will use cookies to carry session IDs. If cookies are enabled,
session tracking will recognize session IDs that arrive as cookies and try to use cookies
for sending session IDs. If cookies are not enabled, session tracking will use URL rewriting
instead of cookies (if URL rewriting is enabled). Enabling cookies takes precedence over URL
rewriting.
For Advanced Single Server Edition, do
not disable cookies in the Session Manager of the application server that
is running the administrative application, because it will cause the administrative application
not to function after a restart of the server. An alternative is to run the administrative application
in a separate process from your applications.
-
Enable Persistent Sessions
- When persistent sessions are enabled, the Session Manager will persist session information
into the data source specified by the data source connection settings. Otherwise, the Session
Manager will discard the session data when the server shuts down.
-
Enable Protocol Switch Rewriting
- Whether the session ID is added to a URL when the URL requires a switch from HTTP to
HTTPS or from HTTPS to HTTP. If rewriting is enabled, the session ID is required in order
to go between HTTP and HTTPS.
-
Enable Security Integration
or Integrate with WebSphere Security
- When security integration is enabled, the Session Manager
will associate the identity of users with their HTTP sessions.
Do not enable this property if the application
server contains a Web application that has Form Login configured as the authentication method and
local operating system is the authentication mechanism.
It will cause authorization failures when user agents try to use the Web application.
-
Enable SSL Tracking
or Enable SSL ID Tracking
- Whether session tracking uses SSL to carry session IDs. Enabling SSL tracking takes precedence
over cookie-based session tracking and URL rewriting.
-
Enable SSL ID Tracking
- See Enable SSL Tracking
-
Enable URL Rewriting
- Specifies whether the Session Manager uses rewritten URLs to carry the session IDs.
If URL rewriting is enabled, the Session Manager recognizes session IDs that arrive in the URL if
the encodeURL method is called in the servlet
-
First Hour
or First Time of Day (0 - 23)
- The first hour during which the invalidated persistent sessions will be cleared
from the database. This value must be a positive integer between 0 and 23. This is valid only
when schedule invalidation is enabled.
-
First Time of Day (0 - 23)
- See First Hour
-
Integrate with WebSphere Security
- See Enable Security Integration
-
Invalidation Timeout
- Specifies how long a session is allowed to go unused before it will be
considered valid no longer.
For Advanced Edition: Specify either "Set timeout" or "No timeout." If you select to set the timeout, the value must be at
least two minutes, specified in minutes.
For Advanced Single Server Edition: Use a -1 to specify that the session will not be invalidated.
The value of this setting is used as a default when the session timeout is not specified in a
Web module deployment descriptor.
Note, to preserve performance, the invalidation timer
is not accurate "to the second." It is safe to assume that the timer is accurate to within two
minutes. When the Write Frequency is time based, this value should be at least twice as large as
the write interval.
-
Maximum Age
- See Cookie Maximum Age
-
Max In Memory Session Count
or Maximum In Memory Session Count
- Specifies the maximum number of sessions to maintain in memory.
The meaning differs depending on whether you are using in-memory or persistent sessions.
For in-memory sessions, this value specifies the number of sessions in the base session table.
Use the Allow Overflow property to specify whether to limit sessions to this number for the
entire Session Manager, or to allow additional sessions to be stored in secondary tables.
For persistent sessions, this value specifies the size of
the memory cache for sessions. When the session cache has reached
its maximum size and a new session is requested, Session Manager
removes the least recently used session from the cache to make
room for the new one.
-
Name
- See Cookie Name
-
Node
- The administrative node with which the Session Manager is associated
-
Password
- The password for database access
-
Path
- See Cookie Path
-
Restrict exchange of cookies to secure sessions
or Secure
- Whether session cookies include the secure field. Enabling the feature will restrict the exchange of cookies
only to HTTPS sessions.
-
Schedule Invalidation
or Specify session database cleanup schedule for invalidated sessions
- Enables the scheduled invalidation process for cleaning up the invalidated HttpSessions from
the sessions database. Enable this option to reduce the number of database updates that are required
to keep the HttpSessions alive.
When this option is not enabled, the invalidator process runs every
few minutes to remove invalidated HttpSessions.
When this option is enabled, this setting specifies the two hours of a day in which the
invalidator process cleans up the invalidated persistent sessions in the database. Specify the times
at which there will be less activity in the session database.
-
Second Hour
or Second Time of Day (0 - 23)
- The second hour during which the invalidated persistent sessions will
be cleared from the database. This value must be a positive integer between 0 and 23.
This is valid only
when schedule invalidation is enabled.
-
Secure
- See Restrict exchange of cookies to secure sessions
For Advanced Single Server Edition, do
not enable this feature in the Session Manager of the application server that
is running the administrative application, because it will cause the administrative application
not to function after a restart of the server. An alternative is to run the administrative application
in a separate process from your applications.
-
Specify session database cleanup schedule for invalidated sessions
- See Schedule Invalidation
-
Table Space Name
- Tablespace to be used for the sessions table. This value is required when the DB2 Page Size is other than
4K and session persistence is enabled.
-
User ID
or Username
- The user ID for database access
-
Use Multirow Sessions
or Using Multirow Schema
- Whether to place each instance of application data in a separate row in the database,
allowing larger amounts of data to be stored for each session. This can yield better performance
in certain usage scenarios. If using multirow schema is not enabled, instances of application data
can be placed in the same row.
-
Username
- See User ID
-
Using Multirow Schema
- See Use Multirow Sessions
-
Write Contents
- Whether only updated attributes should be written to the database. Otherwise, all of the session
attributes will be written to the database, whether or not they have changed.
- If you specify only updated attributes, only the updated attributes will be written
to the database
- If you specify all session attributes, all attributes will be written to the
database
-
Write Frequency
- When the session will be written to the database.
- If you specify end of servlet service (END_OF_SERVLET_SERVICE), a session will be written
to the database after the servlet completes execution.
- If you specify manual update (MANUAL_UPDATE), programmatic sync on the
IBMSession object will be required in order to write the session data to the database.
- If you specify time based (TIME_BASED_WRITE), session data will be written to
the database based on the specified Write Interval value.
-
Write Interval
- If the Write Frequency is specified as TIME_BASED_WRITE, this value specifies how
often the session data will be written to the database. The value must be a number of
seconds, specified as a positive integer in the range from 5 to 9999. At minimum, a
configured Invalidation Timeout should be twice as large as the configured write
interval.
See also the other application server properties.
|
|