Suppose I have more than one web application servers running and I am logging in a User from Server1 thus his session starts.As http is stateless, suppose if the next request goes to Server3 than the Sever1 which was used to login to the application,if I use cookies, hidden form , its not going to work in Server2.
So how do I manage the session ?, maybe by generating an ID (or even reusing the jsessioid generated ) and storing it in a central database,so that all servers can access this session ID and validate it before processing the request.Then in that case, I need to develop a mechanism to store all the session data as object to the database.
Is there any other built in mechanisms available ?
How to create multiple sessions? 1) Use multiple browsers. 2) Modify the conf file to create localhost1 and locaohost2. 3) Store user information in the front-end HTTP Session with the user ID (unique) as the key, so that each time does not overwrite the last content. The user ID can be transmitted in the front end through URL parameter parsing.
How should we handle the user session information — Suppose you have multiple micro-services dockerized and deployed. The application generates a JWT token after the user logs into the application and web UI (or mobile app for that matter) code keeps this token in local storage to be passed along the subsequent HTTP requests.
To use ASP session management on a load-balanced site, you must ensure that all requests within a user session are directed to the same Web server. One way to do this is to write a Session_OnStart Event procedure that uses the Response object to redirect the browser to the specific Web server on which the user's session is running.
ASP session information is stored on the Web server. A browser must request pages from the same Web server for scripts to access session information. On cluster of Web servers (where many Web servers share the responsibility for responding to user requests) user requests will not always be routed to the same server.
If you are deploying application on more than one server, you should use "Clustering". Application servers are able to handle this scenario using "session replication". With session replication, each server will have a copy of the active users session. IF the first request goes to server A and second request goes to server B, it will be transparent to application code and end user.
For clustering/session replication in Tomcat, you can have a look at this link.
Spring provides the session management:
Spring Session makes it trivial to support clustered sessions without being tied to an application container specific solution. It also provides transparent integration with:
HttpSession - allows replacing the HttpSession in an application container (i.e. Tomcat) neutral way, with support for providing session IDs in headers to work with RESTful APIs
WebSocket - provides the ability to keep the HttpSession alive when receiving WebSocket messages
WebSession - allows replacing the Spring WebFlux’s WebSession in an application container neutral way Source: Spring docs.
Please check this for further information: https://spring.io/projects/spring-session#overview
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With