Adding a server ID to the session ID and Cookie

On Application Server, you can add a server ID to the session ID and Cookie of HttpSession. This is called server ID addition functionality. Specify a different server ID value for each Web container.

Customize the properties of the J2EE server to specify the settings for adding a server ID to the session ID and Cookie. For details on customizing the settings for the J2EE server operations, see 2.7.8 Execution environment settings.

Note that when you use the session failover functionality, it is mandatory to add the server ID to the memory session ID. For details on the memory session failover functionality, see 6. Compatibility functionality of the extended functionality (session failover functionality) in the uCosminexus Application Server Maintenance and Migration Guide.

Note: The cookie name specified in this functionality must not duplicate a Cookie name specified in the Servlet or JSP or a Cookie name automatically specified by the Web container. The following name is automatically specified by the Web container:; JSESSIONID

With Application Server version 09-00 or later, you can change the name of the Cookie set by the Web container. For precautions to be taken when the server ID is attached to the Cookie and you want to change the name of the Cookie set by a Web container, see 2.7.9 Precautions related to the session management.

Organization of this subsection: (1) Adding server ID to the session ID of HttpSession; (2) Adding a server ID to a Cookie

(1) Adding server ID to the session ID of HttpSession

The session ID is normally unique in the same Web Container. However, in a system consisting of multiple Web containers by using a load balancer, the session ID might not be unique for the whole system. If you use the functionality for adding server ID to the session ID of HttpSession, a server ID that differs for each Web container is added to the session ID of HttpSession. Consequently, a unique session ID can be maintained in the system.

Reference note: When integrating with a Web server, if requests are distributed using round robin as per the settings of the redirector, the worker name is added to the session ID regardless of whether the settings for adding the session ID of HttpSession are specified or not. The server ID is not added.

(2) Adding a server ID to a Cookie

To transfer the requests of the same session to the same Web container, use the functionality for specifying the request transfer destination by the Cookie of a load balancer and the functionality for adding the server ID to the Cookie.

When you use the functionality for adding the server ID to the Cookie, a server ID that is different for each Web container is added to the Cookie. You can add the Cookie (in which the server ID was added) to an HTTP response, and hence, the requests of the same session can be transferred to the same Web container. Note that the Cookie with a server ID is added to the response for the request that generates the HttpSession.

Note that in the following cases, the Secure property is added to the Cookie generated by the server ID addition functionality:

When an HTTP request is sent using the HTTPS protocol
When the scheme is set with the gateway specification functionality so that the scheme is considered as HTTPS

2.7.6 Adding a server ID to the session ID and Cookie

(1) Adding server ID to the session ID of HttpSession

(2) Adding a server ID to a Cookie