Session Variable

Hi,
Is it possible to share a session variable across two different applications. If yes, how can we achieve it.

thnx in advance

N Chaurasia

Hi Chaurasia,

Session level variables are not even accessible to other users in the same application. Then it is not possible to access it out side the application.

Regards,
Joice

Chaurasia,

I think session attributes can used in multiple JVMs of the application by implementing the HttpSessionActivationListener. Read some more on this...

Hi Sumit,

I think session attributes can used in multiple JVMs of the application by implementing the HttpSessionActivationListener.

It is not required to implement this interface to share the attributes across differnt JVMs. The session always active only in one JVM at a time. The session can be migrated to different JVM according to Servlet Spec. The listeners only catch the events related to session.

The session object scoped at application level so it can be used in diff JVM in distributed environment, but not for diff. applications.

Thanks

Narendra,

True True... I am little confused on what you meant by the following: -

It is not required to implement this interface to share the attributes across differnt JVMs.

What other way could you share session attributes across multilple JVMs without implementing the HttpSessionActivationListener?

If I understand correctly we are discussing in wrong direction.

The question originally asked here is:

Is it possible to share a session variable across two different applications?

The question does not talks about multiple JVM, but multiple applications.

My answer to both questions (multiple applications, multiple JVMs) is YES.

Yes we can share the same session across multiple web applications and multiple JVMs as long as we are able to pass through session token across.

response.sendRedirect(response.encodeRedirectURL("http://someapp.com/someResourceAbsoluteURL"))

can be used to pass through the session id to different applications. And if cookies are enabled, and session tracking is being done using cookie, then url encoding is not reqquired, browser automatically attaches the cookie with request before sending to same/another application as long as application shares the same domain, i.e. http://app1.mycompany.com/App1/servlet1 and http://app2.mycompany.com/App2/servlet2

can share the same cookie, both applications would have to set the domain of cookie to "mycompany.com" in order to share the cookie across multiple applications.

Another point mentioned here was:

Session level variables are not even accessible to other users in the same application. Then it is not possible to access it out side the application.

This is incorrect. A user may navigate to different application from the same browser and the two application can talk to each other in user's context i.e. session. For example multiple applications of same company requiring "single sign-on"!

Now, coming to sharing session across JVMs, yes it can be done. We can passivate the session and activate it on other JVMs by making all our session attributes serializable. All this happens automatically by using HttpSessionActivationListener as Sumit / Narendra mentioned.

Hope this helps.
[ July 05, 2005: Message edited by: Anand Wadhwani ]

Hi Anand,

I have tried using a session variable across two different Applications.

App1 has the following code :

public class CrossAppSession extends HttpServlet{
public void init(ServletConfig sc)throws ServletException{
super.init(sc);
}

public void doGet(HttpServletRequest req,HttpServletResponse res) throws ServletException,IOException{

PrintWriter out = res.getWriter();
HttpSession session = req.getSession();

session.setAttribute("hello","hello oltas");
res.sendRedirect(res.encodeRedirectURL("http://172.16.80.22:7501/OLTAS/index.jsp"));

}
}


In the above code i am setting hello attribute.



App2 has the following code :

<%
session = request.getSession(true);
String str = (String) session.getAttribute("hello");
%>


<%=str%>
<html>
from App1
</html>




The value of str is null. i.e the App2 is not able to read the session attribute set in App1, then how come the session can be used across different applications.

thnx in advance

Hi all,

Yes, it is not possible to share a session variables ( or session) across different applications alteast using standard servlet specs. because the session object is scoped at the application level .

Another question that sharing of attributes across diff JVMs for same application. If you go through spec. it is mentioned that the session migration is provided by the specs itself under certiaon conditions ( e.g. Spec gurantees to migrates all the session attributes which implement serializable interface). The Session listeners are required only if we want to catch the events like when the session is created or attribute is added or removed for logging and other purpose. The Listeners itself not handle the migration mechanism, they only catch the related events.
Do you require HttpSessionListener to create a session ? it only caches the events. The same is true about the Activation Listeners.

I hope I am not cofusing you all.

Thanks
[ July 06, 2005: Message edited by: Narendra Dhande ]