Servertec   Internet Server Administrator - Session
Administrator
Login
Monitor
Control Panel
Manage
Server
Socket
Virtual Hosts
Workgroup
Session
Servlets
Contexts
Aliases
Mime Types
Locales
Messages
Pools
Realms
Resources
Users
Groups
Computers
Access Rights
ACLs
Logger
Templates
File System
Archives

About
Used to view and change session settings.

Entry Form

Servertec Internet Server Administrator - Session

Fields

Timeout The maximum number of minutes that a session can exist without being accessed before it is invalidated.

30 minutes is the default value.

-1 is used to maintain all sessions while the server is running.

Setting this value too large or to -1 may impact performance and memory requirements.

Interval The number of minutes between running the Session Manager.

5 minutes is the default value.

-1 can be used to never check for invalid sessions. Using this value will increase memory requirements and may have a negative impact on performance.

The number must be at least 1 minute.

Setting this value too large or too small may impact performance and memory requirements.

Source The mechanism used to maintain a session's identifier on the client.

Cookie results in a cookie being automatically created on the client's browser to maintain the session identifier.

URL indicates that the session identifier will be manually maintained by appending it to all the links. Response.encodeUrl() will need to be used in servlet generated pages.

Cookie is the default value.

URL should be used when cookies are not supported or allowed by the client.

Servertec Internet Server Administrator requires Cookie based sessions and cannot be used when URL based sessions are used.

Name The name of the session identifier.

iwsSessionID is the default value for Servertec Internet Server.

Comment Any comments for the session cookie.

Servertec Internet Server Session Cookie is the default value.

Used only when Source is set to Cookie.

Domain The domain of the session cookie.

%host% - the host name as specified in the Host request header.
%local_address% - the server's IP address.

Domain names should begin with a period, ..

Used only when Source is set to Cookie.

Path The path of the session cookie.

%base_uri% - the requested uri.
%request_uri% - the requested uri.
%script_name% - the the servlet path.
%servlet_context_path% - the servlet context path.

Used only when Source is set to Cookie.

Maximum Age The maximum number of seconds that a session cookie exists.

-1 is used to maintain the session cookie while the browser is running.

-1 is the default value.

Used only when Source is set to Cookie.

Secure Whether the session cookie should include the Secure field.

Yes include the Secure field.

No do not include the Secure field.

No is the default value.

Used only when Source is set to Cookie.

Check IP Address Whether to check the IP address of the client when determining if the session id is valid.

Yes check the IP address.

No do not check the IP address.

Yes is the default value.

Setting this value to No can open the server to session id spoofing attacks.

Check Session Source Whether to check the session's source when determining if the session id is valid.

Yes check the session's source.

No do not check the session's source.

Yes is the default value.

Setting this value to No can open the server to session id spoofing attacks.

Session Store The Class in the form package.class of the Session Store to use.
Parameters Any parameters used during initialization of the Session Store.

Zero or more parameters can be specified by entering line delimited key=value pairs.

Actions

SAVE Used to save changes made and to return the Control Panel form.
CANCEL Used to discard changes made and to return the Control Panel form.
HELP Used to display online help for this form.

Notes

Changes made will not be used until the server is restarted.

Configuration

Servertec Internet Server includes memory, file, POS and database session stores. The memory session store maintains sessions in memory. The file session store uses the file system. The POS session store uses Servertec Persistent Object Store and the database session store uses any JDBC accessible database.

Select the method to use:
Memory
Flat File
Microsoft Access
Oracle
Servertec Persistent Object Store


Use the following steps to configure the memory session store.

  1. Set SessionStore to stec.iws.MemorySessionStore.

  2. Do not define any Parameters.


Use the following steps to configure the file session store.

  1. Set Session Store to stec.iws.FileSessionStore.

  2. Define the following Parameters:

    distributed=distributed
    master=master
    basedir=basedir
    persistent=persistent
    save_interval=save_interval

    distributed Whether sessions are distributed or sticky when the ClusterProxy, ClusterRedirector or Servertec Internet Server Gateways are used.

    y sessions are distributed and are not sticky.

    n sessions are not distributed and are sticky.

    n is the default value.

    Used only when Source is set to Cookie.

    master Whether this server is the master server for the distributed session store responsible for removing expired sessions from the session store.

    y this server is the master server.

    n this server is not the master server.

    n is the default value.

    basedir The directory that will contain the session store files.

    ./session_store is the default directory.

    If a relative path is specified the directory is relative to the context directory.

    persistent Whether the session store is persistent.

    n is the default directory.

    y for persistent session store and n for temporary.

    Persistent sessions are stored in the file system. If persistent is set to n then any existing sessions are removed when the server is stopped, restarted or started. If persistent is set to y then any memory resident sessions are saved when the server is stopped or restarted and any existing sessions are available while valid when the server is started or restarted.

    save_interval The number of minutes that the Session Store caches in memory valid sessions before saving them.

    5 minutes is the default.

    0 can be used to save sessions immediately.

    The number must be at least 1 minute.

    Setting this value too small may have a negative impact on performance. Setting this value too large may have a negative impact on performance and may result in session entries being lost if the server crashes or if it is aborted.

Notes

Parameters are only used when distributed is set to n.

FileSessionStore does not handle concurrency.

Distributed FileSessionStore objects must be Serializable.


Use the following steps to configure the database session store for Microsoft Access.

  1. Defined a System DSN for the database using the ODBC Data Source Administrator from the Control Panel.

    Driver: Microsoft Access Driver (*mdb)
    Data Source Name: iserver.msaccess
    Database: iws_dir\databases\iserver.mdb

    iws_dir is the directory where the server was installed, normally c:\iws.net.

  2. Define the following Connection Pool entry in the Administrator - Connection Pools.

    Connection Pool: iserver
    Driver: com.ms.jdbc.odbc.JdbcOdbcDriver
    URL: jdbc:odbc:iserver.msaccess
    Username:
    Password:
    Initial Size: 26
    Maximum Size: 51

    The Initial Size should be one (1) more than the number of server Connections and the Maximum Size should be one (1) more than the number of server Maximum Connections.

  3. Set Class File to stec.iws.DatabaseSessionStore.

  4. Define the following Parameters:

    distributed=distributed
    master=master
    connection_pool=iserver
    persistent=persistent
    save_interval=save_interval

    distributed Whether sessions are distributed or sticky when the ClusterProxy, ClusterRedirector or Servertec Internet Server Gateways are used.

    y sessions are distributed and are not sticky.

    n sessions are not distributed and are sticky.

    n is the default value.

    Used only when Source is set to Cookie.

    master Whether this server is the master server for the distributed session store responsible for removing expired sessions from the session store.

    y this server is the master server.

    n this server is not the master server.

    n is the default value.

    persistent Whether the session store is persistent.

    n is the default directory.

    y for persistent session store and n for temporary.

    Persistent sessions are stored in a database. If persistent is set to n then any existing sessions are removed when the server is stopped, restarted or started. If persistent is set to y then any memory resident sessions are saved when the server is stopped or restarted and any existing sessions are available while valid when the server is started or restarted.

    save_interval The number of minutes that the Session Store caches in memory valid sessions before saving them.

    5 minutes is the default.

    0 can be used to save sessions immediately.

    The number must be at least 1 minute.

    Setting this value too small may have a negative impact on performance. Setting this value too large may have a negative impact on performance and may result in session entries being lost if the server crashes or if it is aborted.

Notes

Parameters are only used when distributed is set to n.

DatabaseSessionStore does not handle concurrency.

Distributed DatabaseSessionStore objects must be Serializable.

The database session store makes use of the JDBC-ODBC bridge to access the iserver.mdb database.


Use the following steps to configure the database session store for Oracle.

  1. If Oracle database server is not running then start it.

  2. If you have not already created an Oracle database for Servertec Internet Server then follow the instructions below to create it.

    1. Start SQLPLUS and login as an administrator.

      sqlplus system/manager

      The user name and password shown above may not be correct on all systems. Please consult the appropriate Oracle documentation or a system database administrator for the correct user name and password.

    2. Create admin user.

      grant connect to admin identified by admin;
      grant dba to admin;
      commit;
      exit

    3. Start SQLPLUS again and this time login using the new admin user.

      sqlplus admin/admin

    4. Assuming that Servertec Internet Server was installed in c:\iws.net, create the database.

      @/iws.net/databases/iserver.sql
      exit

      If Servertec Internet Server was installed in a directory other than c:\iws.net then edit installdir/databases/iserver.sql and change the directory path of the iserver.dbf database to the proper path.

    5. Using the sample TNSNAMES.ORA file in installdir/databases, define a new SQL Net entry named iserver.oracle for Servertec Internet Server.

    6. Start SQL Net Listener.

      lsnrctl start

  3. Define the following Connection Pool entry in the Administrator - Connection Pools.

    Connection Pool: iserver
    driver=com.ms.jdbc.odbc.JdbcOdbcDriver
    url=jdbc:odbc:iserver.oracle
    Username: admin
    Password: admin
    Initial Size: 26
    Maximum Size: 51

    The Initial Size should be one (1) more than the number of server Connections and the Maximum Size should be one (1) more than the number of server Maximum Connections.

  4. Set Class File to stec.iws.DatabaseLogger.

  5. Define the following Parameters:

    distributed=distributed
    master=master
    connection_pool=iserver
    persistent=persistent
    save_interval=save_interval

    distributed Whether sessions are distributed or sticky when the ClusterProxy, ClusterRedirector or Servertec Internet Server Gateways are used.

    y sessions are distributed and are not sticky.

    n sessions are not distributed and are sticky.

    n is the default value.

    Used only when Source is set to Cookie.

    master Whether this server is the master server for the distributed session store responsible for removing expired sessions from the session store.

    y this server is the master server.

    n this server is not the master server.

    n is the default value.

    persistent Whether the session store is persistent.

    n is the default directory.

    y for persistent session store and n for temporary.

    Persistent sessions are stored in a database. If persistent is set to n then any existing sessions are removed when the server is stopped, restarted or started. If persistent is set to y then any memory resident sessions are saved when the server is stopped or restarted and any existing sessions are available while valid when the server is started or restarted.

    save_interval The number of minutes that Session Store caches in memory valid sessions before saving them.

    5 minutes is the default.

    0 can be used to save sessions immediately.

    The number must be at least 1 minute.

    Setting this value too small may have a negative impact on performance. Setting this value too large may have a negative impact on performance and may result in session entries being lost if the server crashes or if it is aborted.

Notes

Parameters are only used when distributed is set to n.

DatabaseSessionStore does not handle concurrency.

Distributed DatabaseSessionStore objects must be Serializable.


Use the following steps to configure the Servertec Persistent Object Store session store.
  1. Install and configure Servertec Persistent Object Store.

  2. Set SessionStore to stec.iws.PosSessionStore.

  3. Define the following Parameters:

    persistent=persistent
    save_interval=save_interval
    sessions_store=sessions_store
    sessions_capacity=sessions_capacity

    persistent Whether the session store is persistent.

    n is the default directory.

    y for persistent session store and n for temporary.

    Persistent sessions are stored in the file system. If persistent is set to n then any existing sessions are removed when the server is stopped, restarted or started. If persistent is set to y then any memory resident sessions are saved when the server is stopped or restarted and any existing sessions are available while valid when the server is started or restarted.

    save_interval The number of minutes that the Session Store caches in memory valid sessions before saving them.

    5 minutes is the default.

    0 can be used to save sessions immediately.

    The number must be at least 1 minute.

    Setting this value too small may have a negative impact on performance. Setting this value too large may have a negative impact on performance and may result in session entries being lost if the server crashes or if it is aborted.

    sessions_store the base file name of the Sessions store. If not specified defaults to iws_dir/databases/sessions.store.
    sessions_capacity the average number of sessions in the Sessions store.

    The number must be at least 1.

    If not specified defaults to 65536.

    Setting this value too small may have a negative impact on performance.

    Setting this value too large will waste disk space.