Session cleanup

The session management provided by the toolkit can use cookies or not use cookies. This is controlled by the following setting in the toolkit configuration (btt.xml) file:

<kColl id="html">
	<field id="requestHandler" value="com.ibm.btt.cs.html.HtmlRequestHandler"/>
	<field id="presentationHandler" value="com.ibm.btt.cs.html.HtmlPresentationHandler"/>
	<field id="cookies" value="false"/>
	<field id="runInSession" value="true"/>
</kColl>  

If the cookies field is set to true, WebSphere® Application Server performs session management. When the toolkit establishes a session, it creates an HTTPSession object. This causes WebSphere to become aware of the session, and the application can then use WebSphere's session capabilities. The toolkit delegates to WebSphere the detection of session expiration. If the cookies field is set to false, the toolkit performs session management internally.

The toolkit lets the application decide what to store in a session and how to store it. The toolkit only requires that the session have an entry in the session table and a context. Once the session has been established, the application executes an operation to add the session entry to the sessions table.

While the toolkit does not provide a session startup operation, the sample applications provide examples of ways to implement one according to the concrete channel implementation being used. The operation establishes the session by placing an entry in the session table and by creating a context for the session. Once this occurs, the toolkit is aware of the session. The following diagram shows a context and its entry in the session table:

Diagram showing contexts and their entries in the session table

The session context and the session entry can store any application information and the session context can initiate services. The application must be aware of this data and any running services when handling the expiry of the session.

When a session spends a given amount of time without processing any request, the session times out. When this occurs, the application must clean up the resources allocated for this session as part of the session expiry. See Configuring session timeout for information on setting the amount of time before a session times out, and Handling session timeout for information on handling the cleanup.