CODEWITHSUNDEEP
sessiontomcatshare
xiaolg2008
xiaolg2008

Reputation: 101

how to share data stored in session of different webapps under same tomcat

I have several webapps deployed under one tomcat, each with it's own context, but I need to share the login user information between those webapps, such as, when user login from webapp A, it's id, name and other information are stored in session, when it tries to access other webapp, I hope we can get those information from session, according servlet spce, session can't be shared between different webapps, is there a way to share those data in seesion between different webapps deployed in same tomcat?

Upvotes: 0

Views: 1262

Answers (3)

D.A.H
D.A.H

Reputation: 919

Pretty old topic, but I got similar issue. I haven't solved it yet, but some notes, which might be helpful for others on seeking solution.

There are several reasons why you might want to share sessions between several Tomcat Web apps. One of issues is dependency hell, so one web app uses newer libraries and you just cannot incorporate functionality into another web app.

For example on Apache/PHP case, you can just put your apps in different folders and run them within same session.

Another issues is also persistence of sessions, which comes important when you want to share session data on Tomcat.

What is easy to achieve, is to use same session cookie. You just have to add sessionCookiePath="/" into context.xml.

<Context reloadable="true" crossContext="true" sessionCookiePath="/">

To make sessions persistent you might want to store data into database. Which means, you have to configure session storage on context.xml file. For example:

  <Valve className="org.apache.catalina.valves.PersistentValve" />
  <Manager className="org.apache.catalina.session.PersistentManager" processExpiresFrequency="3" maxIdleBackup="1" debug="99">
      <Store className="org.apache.catalina.session.JDBCStore"
        driverName="org.postgresql.Driver"
        connectionURL="jdbc:postgresql://localhost:5432/tomcat"
        connectionName="<username-here>"
        connectionPassword="<password-here>"
        sessionAppCol="app_name"
        sessionDataCol="session_data"
        sessionIdCol="session_id"
        sessionLastAccessedCol="last_access"
        sessionMaxInactiveCol="max_inactive"
        sessionTable="public.tomcat_sessions"
        sessionValidCol="valid_session"
        debug="99"
        />
  </Manager>

Session data will be written into database. But what becomes an issues is that apps have different names! So they cannot share session data.

sessionAppCol="app_name"

Field sessionAppCol is responsible for separating data for different apps. When I change app name on session data row, then data becomes immediately available for this app, which name I'm using.

So the only obstacle left is to make apps to share same name somehow.. But how?

Seems that on case of using JDBCStore, there is no way to share sessions. However, it is possible with Redisson.

  1. Download appropriate versions of redisson-all and redisson-tomcat.
  2. Put these on /lib folder
  3. Install Redis
  4. Start Redis
  5. Modify Context.xml
  6. Create redisson.yml on /lib folder and add appropriate settings
  7. Reboot Tomcat

Context.xml

<Context reloadable="true" crossContext="true" sessionCookiePath="/">

  <Manager
    className="org.redisson.tomcat.RedissonSessionManager"
    configPath="${catalina.base}/conf/redisson.yml"
    readMode="REDIS"
    updateMode="AFTER_REQUEST"
    broadcastSessionEvents="true"
    keyPrefix="bce"
    />

redisson.yml:

singleServerConfig:
  address: "redis://127.0.0.1:${REDIS_PORT:-6379}"
  database: 0
codec: !<org.redisson.codec.JsonJacksonCodec> {}

You have now persistent shared sessions.

Setting crossContext="true" allows to access data from other webapps.

Upvotes: 0

Mark Thomas
Mark Thomas

Reputation: 16615

Not easily. The Servlet API doesn't support such usage. There are several ways to do this:

  1. SSO may get you most of what you need.

  2. Store information in a database and look it up in the other web applications when you need it.

  3. Create/find some shared storage accessible from both web applications (i.e. some form of cache). You need to be very careful with this approach that you don't create any memory leaks.

  4. Use cross context requests to pass information between web applications (a little ugly and may create security issues).

  5. Probably a bunch of ways I haven't thought of.

Upvotes: 1

neohope
neohope

Reputation: 1832

1.use this attribute crossContext="true"

2.use webservice to manage user privileges

Upvotes: 0

Related Questions