wood burning stoves*
The moose likes Servlets and the fly likes Sharing Session Across Applications Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Sharing Session Across Applications" Watch "Sharing Session Across Applications" New topic
Author

Sharing Session Across Applications

Joseph Erickson
Greenhorn

Joined: May 05, 2006
Posts: 10
We're looking at building a fairly complex, large Servlet application in SAP NetWeaver. I was hoping that we would be able to break out the conceptually related pieces into their own Enterprise Applications. This way we could have a login application seperate from the billing application so that the code is more maintainable and if we needed to update some of the billing code, we wouldn't have to redeploy everything.

The problem comes in when we want to use session data across the applications for single sign on or just for sharing small amounts of data during the user's visit. I have an idea to store the user's session in a database and load it back in depending on a cookie when they hit a new application, but this relies on cookies and doesn't seem like it would work for URL rewriting.

Anyone else have ideas on how a shared session object across applications might work?
dema rogatkin
Ranch Hand

Joined: Oct 09, 2002
Posts: 294
You should access URL rewriting code from full URI. So you can use it as a key to your session data in database.


Tough in space?, <a href="http://tjws.sf.net" target="_blank" rel="nofollow">Get J2EE servlet container under 150Kbytes here</a><br />Love your iPod and want it anywhere?<a href="http://mediachest.sf.net" target="_blank" rel="nofollow">Check it here.</a><br /><a href="http://7bee.j2ee.us/book/Generics%20in%20JDK%201.5.html" target="_blank" rel="nofollow">Curious about generic in Java?</a><br /><a href="http://7bee.j2ee.us/bee/index-bee.html" target="_blank" rel="nofollow">Hate ant? Use bee.</a><br /><a href="http://7bee.j2ee.us/addressbook/" target="_blank" rel="nofollow">Need contacts anywhere?</a><br /><a href="http://searchdir.sourceforge.net/" target="_blank" rel="nofollow">How to promote your business with a search engine</a>
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12759
    
    5
I have an idea to store the user's session in a database

I hope you are not thinking of the HttpSession object! That is created and managed by the servlet container.

Make your own user Serializable "session" to manage persistance in a database and sharing across applications.

Bill
Harpreet Hira
Ranch Hand

Joined: Sep 27, 2001
Posts: 72
In servlet based applications we share data using either ServletContext, HttpSession or ServletRequest. When you have 2 different applications you have different servlet context and session. However, you can share data using HttpServletRequest/Response when you forward request to a different servlet in different application.
Jass Singh
Ranch Hand

Joined: Mar 30, 2006
Posts: 52
Originally posted by Harpreet Hira:
However, you can share data using HttpServletRequest/Response when you forward request to a different servlet in different application.


It is not possible to forward a request to another application. However you can do that by using reasponse.sendRedirect(). But then again I dont know that will help in sharing session data.

Regards,
Jass
Joseph Erickson
Greenhorn

Joined: May 05, 2006
Posts: 10
I hope you are not thinking of the HttpSession object! That is created and managed by the servlet container.


No, I wouldn't store the whole HttpSession, just the vlues I needed.

Make your own user Serializable "session" to manage persistance in a database and sharing across applications.


That was my thought too, but I wasn't sure the best way to handle a key for that persisted session. I found out recently that if a user switches from one application to the next, it actually uses the same session id across the applications, even though they get a new HttpSession every time. I could use this key to hold their persisted data and load it in via a Filter when I needed it.

So, second question. Is it guaranteed, in all J2EE servers, that their sessionid will always be the same across applications? Is this "functionality" I should be relying on?
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12759
    
    5
So, second question. Is it guaranteed, in all J2EE servers, that their sessionid will always be the same across applications? Is this "functionality" I should be relying on?

Absolutely not!
Make up your own unique user id and transmit it in the URL with the redirect. Personally I would use a unique id that can be a valid file name then serialize the user session to a file accessible to all applications - naturally you could serialize to a DB entry with the id as a key.
Bill
Harpreet Hira
Ranch Hand

Joined: Sep 27, 2001
Posts: 72
It is not possible to forward a request to another application. However you can do that by using reasponse.sendRedirect(). But then again I dont know that will help in sharing session data.


Thanks, for setting me straight.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Sharing Session Across Applications
 
Similar Threads
Enabling SSO in J2EE application
Accessing session variables across Multiple applications
Concurrent sessions on multiple web apps?
Session Variable
j2ee certificate ques