session.ini, contains parameters used by the Sessions Manager.
Syntax
check_ip_address= check_ip_address
check_session_source= check_session_source
comment= comment
domain= domain_name
interval = interval
max_age= max_age
name= name
path= uri
secure= secure
session_store= session_store
source= source
timeout = timeout
check_ip_address
|
whether to check the IP address of the client when determining if the
session id is valid.
y check the IP address.
n do not check the IP address.
y is the default value.
Setting this value to n can open the server to session id spoofing
attacks.
|
check_session_source
|
whether to check the session's source when determining if the session id is
valid.
y check the session's source.
n do not check the session's source.
y is the default value.
Setting this value to n can open the server to session id spoofing
attacks.
|
comment
|
any comments for the session cookie.
Servertec Information Server Session Cookie is the default value.
Used only when source is set to Cookie.
|
domain_name
|
the domain of the session cookie.
%host% - the host name as specified in the Host request header.
%local_address% - the server's IP address.
Domain names should begin with a period, ..
Used only when source is set to Cookie.
|
interval
|
used to schedule to session manager to remove invalid sessions every n
minutes.
5 minutes is the default value.
-1 can be used to never check for invalid sessions. Using this value
will increase memory requirements and may have a negative impact on
performance.
The number must be at least 1 minute.
Setting this value too large or too small may impact performance and memory
requirements.
|
max_age
|
the maximum number of seconds that a session cookie exists.
-1 is used to maintain the session cookie while the browser is
running.
-1 is the default value.
Used only when Source is set to Cookie.
|
name
|
the name of the session identifier.
iwsSessionID is the default value for Servertec Internet Server.
|
secure
|
whether the session cookie should only be sent by the client to the server
using a secure protocol.
y send to cookie using a secure protocol.
n do not send the cookie using a secure protocol.
n is the default value.
This parameter should only be set to y when the server first sends
the session cookie to the client using a secure protocol.
Used only when source is set to Cookie.
|
session_store
|
in the form
class_file{?parameter{¶meter}...}
class_file
|
the Java Class in the form package.class of the
Session Store to use.
The CLASSPATH will be searched for the specified Session Store.
|
parameter
|
any parameters used during the initialization of the Session Store.
Zero or more & delimited key=value pairs can be
specified.
|
stec.iws.MemorySessionStore is the default value.
|
source
|
the mechanism used to maintain a session's identifier on the client.
Cookie results in a cookie being automatically created on the client's
browser to maintain the session identifier.
URL indicates that the session identifier will be manually
maintained by appending it to all the links. Response.encodeUrl() will
need to be used in servlet generated pages.
Cookie is the default value.
URL should be used when cookies are not supported or allowed
by the client.
Servertec Internet Server Administrator requires Cookie based sessions and
cannot be used when URL based sessions are used.
|
timeout
|
the maximum number of minutes that a session can exist without being accessed
before it is invalidated.
30 minutes is the default value.
-1 is used to maintain all sessions while the server is running.
Setting this value too large or to -1 may impact performance and
memory requirements.
|
uri
|
the URI of the session cookie.
%base_uri% - the requested uri.
%request_uri% - the requested uri.
%script_name% - the the servlet path.
%servlet_context_path% - the servlet context path.
Used only when source is set to Cookie.
|
Notes
Changes made to configuration files will not be used until the server is
restarted.
Example
timeout = 30
interval = 5
source=cookie
name=iwsSessionID
comment=Servertec Information Server Session Cookie
domain=
path=
max_age=-1
secure=n
check_ip_address=y
check_session_source=y
session_store=stec.iws.MemorySessionStore
Configuration
Servertec Internet Server includes memory, file, POS and database session
stores. The memory session store maintains sessions in memory. The file
session store uses the file system. The POS session store uses Servertec
Persistent Object Store and the database session store uses any JDBC
accessible database.
Select the method to use:
Memory
Flat File
Microsoft Access
Oracle
Servertec Persistent Object Store
Use the following steps to configure the memory session store.
- Set SessionStore to stec.iws.MemorySessionStore.
- Do not define any Parameters.
Use the following steps to configure the file session store.
- Set Session Store to stec.iws.FileSessionStore.
- Define the following Parameters:
distributed=distributed
master=master
basedir=basedir
persistent=persistent
save_interval=save_interval
distributed
|
Whether sessions are distributed or sticky when the ClusterProxy,
ClusterRedirector or Servertec Internet Server Gateways are used.
y sessions are distributed and are not sticky.
n sessions are not distributed and are sticky.
n is the default value.
Used only when Source is set to Cookie.
|
master
|
Whether this server is the master server for the distributed session store
responsible for removing expired sessions from the session store.
y this server is the master server.
n this server is not the master server.
n is the default value.
|
basedir
|
The directory that will contain the session store files.
./session_store is the default directory.
If a relative path is specified the directory is relative to the context
directory.
|
persistent
|
Whether the session store is persistent.
n is the default directory.
y for persistent session store and n for temporary.
Persistent sessions are stored in the file system. If persistent is set to
n then any existing sessions are removed when the server is
stopped, restarted or started. If persistent is set to y then any
memory resident sessions are saved when the server is stopped or restarted
and any existing sessions are available while valid when the server is
started or restarted.
|
save_interval
|
The number of minutes that the Session Store caches in memory valid sessions
before saving them.
5 minutes is the default.
0 can be used to save sessions immediately.
The number must be at least 1 minute.
Setting this value too small may have a negative impact on performance.
Setting this value too large may have a negative impact on performance and
may result in session entries being lost if the server crashes or if it is
aborted.
|
Notes
Requires that iws_dir/classes/optional.jar be
present in the CLASSPATH.
Parameters are only used when distributed is set to n.
FileSessionStore does not handle concurrency.
Distributed FileSessionStore objects must be Serializable.
Use the following steps to configure the database session store for
Microsoft Access.
- Defined a System DSN for the database using the ODBC Data Source
Administrator from the Control Panel.
Driver: Microsoft Access Driver (*mdb)
Data Source Name: iserver.msaccess
Database: iws_dir\databases\iserver.mdb
iws_dir is the directory where the server was installed,
normally c:\iws.
- Define the following Connection Pool entry in the
Administrator - Connection Pools.
Connection Pool: iserver
Driver: sun.jdbc.odbc.JdbcOdbcDriver
URL: jdbc:odbc:iserver.msaccess
Username:
Password:
Initial Size: 26
Maximum Size: 51
The Initial Size should be one (1) more than the number of
server Connections and the Maximum Size should be one (1) more
than the number of server Maximum Connections.
- Set Class File to stec.iws.DatabaseSessionStore.
- Define the following Parameters:
distributed=distributed
master=master
connection_pool=iserver
persistent=persistent
save_interval=save_interval
distributed
|
Whether sessions are distributed or sticky when the ClusterProxy,
ClusterRedirector or Servertec Internet Server Gateways are used.
y sessions are distributed and are not sticky.
n sessions are not distributed and are sticky.
n is the default value.
Used only when Source is set to Cookie.
|
master
|
Whether this server is the master server for the distributed session store
responsible for removing expired sessions from the session store.
y this server is the master server.
n this server is not the master server.
n is the default value.
|
persistent
|
Whether the session store is persistent.
n is the default directory.
y for persistent session store and n for temporary.
Persistent sessions are stored in a database. If persistent is set to
n then any existing sessions are removed when the server is
stopped, restarted or started. If persistent is set to y then any
memory resident sessions are saved when the server is stopped or restarted
and any existing sessions are available while valid when the server is
started or restarted.
|
save_interval
|
The number of minutes that the Session Store caches in memory valid sessions
before saving them.
5 minutes is the default.
0 can be used to save sessions immediately.
The number must be at least 1 minute.
Setting this value too small may have a negative impact on performance.
Setting this value too large may have a negative impact on performance and
may result in session entries being lost if the server crashes or if it is
aborted.
|
Notes
Requires that iws_dir/classes/optional.jar be
present in the CLASSPATH.
Parameters are only used when distributed is set to n.
DatabaseSessionStore does not handle concurrency.
Distributed DatabaseSessionStore objects must be Serializable.
The database session store makes use of the JDBC-ODBC bridge to access the
iserver.mdb database. It will only work under Microsoft Windows 9x/Me/NT/2000/2003/XP and may
not work with JView.
Use the following steps to configure the database session store for Oracle.
- If Oracle database server is not running then start it.
- If you have not already created an Oracle database for Servertec
Internet Server then follow the instructions below to create it.
- Start SQLPLUS and login as an administrator.
sqlplus system/manager
The user name and password shown above may not be correct on all systems.
Please consult the appropriate Oracle documentation or a system database
administrator for the correct user name and password.
- Create admin user.
grant connect to admin identified by admin;
grant dba to admin;
commit;
exit
- Start SQLPLUS again and this time login using the new admin
user.
sqlplus admin/admin
- Assuming that Servertec Internet Server was installed in /iws,
create the database.
@/iws/databases/iserver.sql
exit
If Servertec Internet Server was installed in a directory other than
/iws then edit installdir/databases/iserver.sql and
change the directory path of the iserver.dbf database to the proper
path.
- Using the sample TNSNAMES.ORA file in
installdir/databases, define a new SQL Net entry named
iserver.oracle for Servertec Internet Server.
- Start SQL Net Listener.
lsnrctl start
- Define the following Connection Pool entry in the
Administrator - Connection Pools.
Connection Pool: iserver
Driver: oracle.jdbc.driver.OracleDriver
URL: jdbc:oracle:oci8:@iserver.oracle
Username: admin
Password: admin
Initial Size: 26
Maximum Size: 51
The Initial Size should be one (1) more than the number of
server Connections and the Maximum Size should be one (1) more
than the number of server Maximum Connections.
- Set Class File to stec.iws.DatabaseLogger.
- Define the following Parameters:
distributed=distributed
master=master
connection_pool=iserver
persistent=persistent
save_interval=save_interval
distributed
|
Whether sessions are distributed or sticky when the ClusterProxy,
ClusterRedirector or Servertec Internet Server Gateways are used.
y sessions are distributed and are not sticky.
n sessions are not distributed and are sticky.
n is the default value.
Used only when Source is set to Cookie.
|
master
|
Whether this server is the master server for the distributed session store
responsible for removing expired sessions from the session store.
y this server is the master server.
n this server is not the master server.
n is the default value.
|
persistent
|
Whether the session store is persistent.
n is the default directory.
y for persistent session store and n for temporary.
Persistent sessions are stored in a database. If persistent is set to
n then any existing sessions are removed when the server is
stopped, restarted or started. If persistent is set to y then any
memory resident sessions are saved when the server is stopped or restarted
and any existing sessions are available while valid when the server is
started or restarted.
|
save_interval
|
The number of minutes that Session Store caches in memory valid sessions
before saving them.
5 minutes is the default.
0 can be used to save sessions immediately.
The number must be at least 1 minute.
Setting this value too small may have a negative impact on performance.
Setting this value too large may have a negative impact on performance and
may result in session entries being lost if the server crashes or if it is
aborted.
|
Notes
Requires that iws_dir/classes/optional.jar be
present in the CLASSPATH.
Parameters are only used when distributed is set to n.
DatabaseSessionStore does not handle concurrency.
Distributed DatabaseSessionStore objects must be Serializable.
Use the following steps to configure the Servertec Persistent Object Store session store.
- Install and configure Servertec Persistent Object Store.
- Set SessionStore to stec.iws.PosSessionStore.
- Define the following Parameters:
persistent=persistent
save_interval=save_interval
sessions_store=sessions_store
sessions_capacity=sessions_capacity
persistent
|
Whether the session store is persistent.
n is the default directory.
y for persistent session store and n for temporary.
Persistent sessions are stored in the file system. If persistent is set to
n then any existing sessions are removed when the server is
stopped, restarted or started. If persistent is set to y then any
memory resident sessions are saved when the server is stopped or restarted
and any existing sessions are available while valid when the server is
started or restarted.
|
save_interval
|
The number of minutes that the Session Store caches in memory valid sessions
before saving them.
5 minutes is the default.
0 can be used to save sessions immediately.
The number must be at least 1 minute.
Setting this value too small may have a negative impact on performance.
Setting this value too large may have a negative impact on performance and
may result in session entries being lost if the server crashes or if it is
aborted.
|
sessions_store
|
the base file name of the Sessions store. If not specified defaults to iws_dir/databases/sessions.store.
|
sessions_capacity
|
the average number of sessions in the Sessions store.
The number must be at least 1.
If not specified defaults to 65536.
Setting this value too small may have a negative impact on performance.
Setting this value too large will waste disk space.
|
Notes
Requires that iws_dir/classes/optional.jar be
present in the CLASSPATH.
|