6 Replies Latest reply on Mar 9, 2013 5:34 AM by Israel E. Bethencourt

    JBoss 6 persistent http session

    Böszörményi Péter Newbie

      Hi Everybody!


      Is there any way to configure JBoss 6 to retain http sessions across server restarts?

        • 2. Re: JBoss 6 persistent http session
          Böszörményi Péter Newbie

          Thanks for the reply. This is the only way to persist sessions? I would like to save in the local file system.

          • 3. Re: JBoss 6 persistent http session
            jaikiran pai Master

            It's already persisted by default in filesystem (in the "work" folder). However,  the work folder by default is deleted when a context is destroyed (i.e. application undeployed). You can configure it to be persistent across server restarts by setting the deleteWorkDirOnContextDestroy to false in the JBOSS_HOME/server/<servername>/deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml:


            <!--Flag to delete the Work Dir on Context Destroy -->
                  <property name="deleteWorkDirOnContextDestroy">false</property>
            • 4. Re: JBoss 6 persistent http session
              Adrian Mitev Master

              Is a similar configuration available in JBoss 7?

              • 5. Re: JBoss 6 persistent http session
                Israel E. Bethencourt Newbie

                I have configured the solution proposed on http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence and others like to configure the <Manager> in the context.xml using both file and db storage. But in JBoss-6.0.0.Final simply does not work. May be a bug?

                I have done several tests and on all of them the sessions are properly stored in the configured persistence. But if I redeploy the application or restart the JBoss server it will ignore the persisted sessions and require me a new login instead of reuse the previous one. I have checked that the SessionID is stored in the session persistence and the browser is sending the correct cookie.


                I have attached a test case for JBoss-6.0.0.Final. It is configured as http://community.jboss.org/wiki/HAWebSessionsviaDatabasePersistence


                Simply add this line to the file jboss-6.0.0.Final/server/default/data/hypersonic/localDB.script (You could use your own mysql datasource if you want)


                CREATE TABLE httpsessions (app VARCHAR(255) NOT NULL, id VARCHAR(255) NOT NULL, fullId VARCHAR(255) NOT NULL, creationtime BIGINT NOT NULL,  maxinactive BIGINT NOT NULL, version INT NOT NULL, lastaccess BIGINT NOT NULL,  isnew CHAR(1) NOT NULL, valid CHAR(1) NOT NULL, metadata VARBINARY NULL,  attributes LONGVARBINARY NOT NULL,  CONSTRAINT app_id PRIMARY KEY (app, id))

                Then, deploy the application and go to localhost:8080/web In the login form enter the credentials: user:password If suecssfull login you will get a 'ok' (see index.html) Then, you can see how the session is stored in the database:


                $ cat jboss-6.0.0.Final/server/default/data/hypersonic/localDB.log

                You will get somethig like that:




                INSERT INTO HTTPSESSIONS VALUES('/web','vIUYhSZDkw7fjCnEealRFA__','vIUYhSZDkw7fjCnEealRFA__',1351177671379,1800,9,1351178495217,'0...


                If you redeploy the application using:


                $ touch jboss-6.0.0.Final/server/default/deploy/test.ear/META-INF/application.xml

                And then reload your browser on localhost:8080/web, you will be prompted to enter the user/password again, even the sesion id has been stored. You get this behavior too using the native jbossweb.sar/context.xml <Manager> configuration.


                Anybody can say me if I have lost some configuration or really it is a bug? I have done a lot of permutations between several configurations but always get the same results.


                I put a link with the test case because I don't know how to attach it to the forum:





                • 6. Re: JBoss 6 persistent http session
                  Israel E. Bethencourt Newbie

                  At the end I've discovered why this doesn't work for me. I'm using JAAS as an authentication framework, os even the session data is correctly persisted, the JAAS principal is not so the user autenthication will be lost and the user will need to relogin even if their session is persisted. The only solution I've found for this is use a cluster: