3 Replies Latest reply on Apr 27, 2007 10:14 AM by Thomas Heute

    Loss of Session Attributes

    David Hoffman Newbie

      Current Software: JBOSS-PORTAL-2.6-CR1-BUNDLED

      I am trying to use session attributes for my application coding.

      I have three files:

      test1.jsp (in webapp1)

      <%=request.getSession().getId()%><br>
      <% request.getSession().setAttribute("test", "SUCCESS"); %>
      <%=request.getSession().getAttribute("test")%>
      


      test2.jsp (in webapp1)
      <%=request.getSession().getId()%><br>
      <%=request.getSession().getAttribute("test")%>
      


      test3.jsp (in webapp2)
      <%=request.getSession().getId()%><br>
      <%=request.getSession().getAttribute("test")%>
      


      When I go to http://localhost:8080/webapp1/test1.jsp the output is:

      B5926EF39194E3584263C60361905C4C
      SUCCESS


      When I go to http://localhost:8080/webapp1/test2.jsp the output is:

      B5926EF39194E3584263C60361905C4C
      SUCCESS


      When I go to http://localhost:8080/webapp2/test3.jsp the output is:

      B5926EF39194E3584263C60361905C4C
      null


      The sessionId remains the same across webapps, but the session variables appear to be valid only within the context in which they are set. The desire is that these values would be available across webapps.

      I have seen numerous other forum posts over the past couple years regarding similar problems, however have not found any solutions given to the problem.

      Can someone please advise if this is a simple configuration that needs to be made to make session attributes available across webapps on the JBoss App Server that comes bundled with the Jboss Portal 2.6 CR1?

      Thank you in advance for your assistance.

        • 1. Re: Loss of Session Attributes
          Thomas Heute Master

          This is how it's supposed to be.

          Sessions are scoped per web application. See the Servlet spec:


          "SRV.7.3 Session Scope
          HttpSession objects must be scoped at the application (or servlet context) level.

          The underlying mechanism, such as the cookie used to establish the session, can be the same for different contexts, but the object referenced, including the attributes in
          that object, must never be shared between contexts by the container.
          To illustrate this requirement with an example: if a servlet uses the RequestDispatcher to call a servlet in another Web application, any sessions created for and visible to the servlet being called must be different from those visible to the calling servlet.


          • 2. Re: Loss of Session Attributes
            David Hoffman Newbie

            OK, I understand that, and in fact I found a similar statement after having posted my questions. Is there a way (through configuration) to force the behaviour I am attempting to achieve?