Kevin Jones wrote:
> If we use the session api from a servlet (or JSP) then the session
> information is stored on the web-server (yes?)
Yep -- it is stored on the server. With servlets, the usual place to store
this is in the HttpSession object, using putValue().
> and a cookie (assuming
> cookies are enabled) is sent to the agent with a session id.
The other option is URL rewriting, but this doesn't really matter for your
question. The session identity is sent back to the client, and is included on
each subsequent request.
> Suppose we have
> a web-farm - looking in the Servlet API it doesn't mention what happens in
> this case. i.e. what happens if I have more than one web server servicing a
> site - where are server-side sessions stored? does any web-server/servlet
> engine offer this capability?
>
The 2.0 and 2.1 API specs doesn't talk much about this, so there is some
freedom of movement for servlet engine implementors. I can speak to the way
that Apache JServ does it (I'm a developer on that project):
* Apache JServ can be configured to support multiple
back-end JVMs. I'm not sure if it deals with multiple
web server front ends or not.
* Non-session servlet requests are randomly distributed
(according to a weighting formula if you want) between
the back end servlet engines.
* Sessions are created on one particular back-end, and
the session ID is modified to include the server identity
as well, so that this session is always served by the same
JVM. Therefore, the standard approach to saving user
data objects in the HttpSession still works.
I understand that some of the high-end app server products (BEA/Weblogic?) also
support a mechanism to migrate a session from one back end JVM to another. For
this to work, the objects you store in the session have to be Serializable.
In the 2.2 API, the rules are somewhat more defined. The deployment descriptor
for a web application can include a "distributable" element, which indicates
that this app has been programmed to operate correctly in such an environment.
If you set this flag, the servlet engine is allowed to migrate your session
back and forth between JVMs; if you don't, it is not. There are some other
restrictions in the spec as well, but that's the basic idea.
Of course, support for distributing sessions at all is not a mandatory feature
of a servlet engine -- check the docs on yours to know if it is supported.
>
> Kevin
>
Craig McClanahan
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
