While i was working on the Session timeout of our application in Weblogic , first thought its just an configuration settings that need to be done. But later when we started investigating on it, we faced few issues and limitations related to session timeout.
Listing out few important key points that one must known if using WebLogic server (related to sessions):
1. In Weblogic, one cannot share the session data across multiple EAR applications (i.e, different contexts).
(Refer http://e-docs.bea.com/wls/docs92/webapp/sessions.html)
2. Sessions can be shared within web applications in an application by setting sharing-enabled tag to true.
(Refer http://edocs.bea.com/wls/docs90/webapp/weblogic_xml.html)
3. On a session invalidate, WL will clean the session data only, it does not cleans up the authentication data.
(Refer http://books.google.co.in/books?id=TiAKHpPHpHIC&pg=PA429&lpg=PA429&dq=delete+authentication+data+of+a+session+in+weblogic&source=bl&ots=ciKPPJ-u3s&sig=zNHD1d7DOZbbKM7O8EraRmdgU10&hl=en&ei=i1-eSfXMKJKwkAXB5onLCw&sa=X&oi=book_result&resnum=2&ct=result#PPA429,M1)
4. To cleanup the authentication data, use weblogic.servlet.security.ServletAuthentication class.
SpringBoot: Features: SpringApplication
4 years ago
1 comment:
Hey nice insights... Keep the posts coming...
Post a Comment