Internal

• HTTP Session
• Servlet Session Tracking API

Overview

A simple JEE servlet that can be deployed within a JEE container and used to test continuity, load balancing, failover, session stickiness, etc. It has been tested to work with WildFly/EAP and with Tomcat. One of the design constraints was to avoid container-specific dependencies. Its only dependencies are slf4j for logging and the Servlet API.

Source Code

https://github.com/NovaOrdis/playground/tree/master/jee/servlet/session-servlet

Build

mvn clean package

Deploy

Copy ./target/session-servlet.war into the deployment directory of the application server.

Usage

Authentication

The default build produces a servlet that *does NOT require authentication*.

If you want authentication, do this (JBoss 5 procedure, may need to be updated for WildFly):

1. Un-comment web.xml section starting with <security-constraint> and ending with </security-role>.

2. Replace "admin" with a valid role. The replacement must be done in both places where <role-name> is mentioned. For example, if deployed on JBoss 5, pick up an appropriate role from $JBOSS_HOME/server/$JBOSS_PROFILE/conf/props/jmx-console-roles.properties.

3. Enable <security-domain> in jboss-web.xml and make sure it points to the correct one on the server.

HTTP Session Support

The servlet will NOT establish a HTTP session by default.

If you wish it to establish a session, call the /establish-session URL:

http://localhost:8080/session-servlet/establish-session

This will create a HTTP session and send the Set-Cookie JSESSIONID back to browser. If /establish-session is called repeatedly on an already established session, the application will warn, but otherwise nothing else will happen; enable-session is idempotent.

To get more information about the current session, use:

http://localhost:8080/session-servlet/describe-session

To invalidate the current session, use:

http://localhost:8080/session-servlet/invalidate-session

In order to store a key/value pair into the session, use http://locahost:8080/session-servlet/put?key=something&value=somethingelse. In order to retrieve a key/value pair from the session, use http://locahost:8080/session-servlet/get?key=something

Enable HTTP Session Replication

Root Context

You can change the root context as follows:

On JBoss

Method One

Simply deploy the WAR under the desired name.

Method Two

TODO: use jboss-web.xml and root-context.

On Tomcat

Simply deploy the WAR under the desired name.

Test Plan

1. Simple Availability

Build and deploy.

Go to http://<server-address>:<server-port>/session-servlet

It will return a simple HTTP page listing relevant information regarding the execution.

2. Session Experiments

Establish a session with http://<server-address>:<server-port>/session-servlet?establish-session

Then drop the parameter, the browser/server should maintain the session until it expires.