5 Replies Latest reply on Feb 13, 2015 5:17 AM by Tomaz Cerar

    Joss AS 7 Session Management

    vijaykumar jagdale Newbie

      Hi All,

       

      I am migrating my application  from jboss 4.2 to jboss 7.

      I am facing a problem due to my application server create a new session id for each request. please let me know how should it prevent this and how to configure a session management in the jboss as 7.

       

      thanks in advance

        • 1. Re: Joss AS 7 Session Management
          Jay SenSharma Master

          How are you creating HttpSession inside your application?  Can you paste the code snippet?

          • 2. Re: Joss AS 7 Session Management
            vijaykumar jagdale Newbie

            With the below mentioned code, a new session ID is created for every request. Thus, the user get logged out from the session for each request, since the old and new session IDs are different.

            In JBoss 4.2 this was not the scenario. Can you please elaborate session management in JBoss7?

             

            import javax.servlet.http.HttpServletRequest;
            import javax.servlet.http.HttpServletResponse;
            import javax.servlet.http.HttpSession;

            import org.apache.struts.tiles.TilesRequestProcessor;

            public class LoginPreprocessor extends TilesRequestProcessor
            {
             
              public boolean processPreprocess(HttpServletRequest request, HttpServletResponse response)
              {
               
               HttpSession session = request.getSession(false);
               //HttpSession session = request.getSession(true);
               System.out.println("----------------------------------------------------");
               System.out.println("session Id"+session.getId());
               System.out.println("-----------------------------------------------------");
                    //If user is trying to access login page
                    // then don't check
                    if( request.getServletPath().equals("/LoginAction.do")
                        || request.getServletPath().equals("/jsp/default.jsp")
                     )
                    
                        return true;
                   
                    //Check if USER_ID attribute is there is the session.
                    //If so, it means user has already been logged in, return true
                    if( session != null && session.getAttribute("USER_ID") != null)
                        return true;
                    else{
                        try{
                            //If not, redirect the user to login Page
                         System.out.println("------In LoginPreProcessor--------");
                            request.getRequestDispatcher("/jsp/default.jsp").forward(request,response);
                        }catch(Exception ex){
                        }
                    }
                    return false;
              }
            }

            • 3. Re: Joss AS 7 Session Management
              Tomaz Cerar Master

              Session management is defined by servlet specification and out of the box supports tracking by cookie or by url rewriting.

              Defaulting to using session cookie.

               

              If your client doesn't support cookies or for some reason doesn't send them you could see the problem you are describing.

              • 4. Re: Joss AS 7 Session Management
                vijaykumar jagdale Newbie

                Hi Tomaz,

                 

                actually I tried it in the chrome and it working fine, but it giving problem in IE11. i tried to run same on jboss 7.1 it working fine.

                is their any problem with using jboss 7.0 with IE11?

                • 5. Re: Joss AS 7 Session Management
                  Tomaz Cerar Master

                  could be that there was some problem in 7.0, it is really old server.

                  even just difference between 7.0 and 7.1 is huge.

                  I would in any case recommend you to move to something newer like WildFly(project renamed after 7) 8.2.