- Application Server: This is the default level. Configuration at this level is applied to all Web modules within the server.
- Application: Configuration at this level is applied to all Web Modules within the web application
- Web Modules: Configuration at this level is applied only to the web application
The level at which you set a property decides the scope at which that property is assigned. You get the Session management link at all three levels and when you click on that link you will get a screen like this
WebSphere Application Server has set of Session properties that you can set at either of the following three levels
WAS allows you to set following session management properties
- Session tracking mechanism: WebSphere Application server provides following three mechanism to implement the session tracking
- Enable SSL ID Tracking:Specifies that session tracking uses Secure Sockets Layer (SSL) information as a session ID. Enabling SSL tracking takes precedence over cookie-based session tracking and URL rewriting.
Enabling cookies takes precedence over URL rewriting. Do not disable cookies in the session management facility of the application server that is running the administrative application because this action causes the administrative application not to function after a restart of the server. As an alternative, run the administrative application in a separate process from your applications. Click Enable cookies to change these settings.
- Enable URL Rewriting: Specifies that the session management facility uses rewritten URLs to carry the session IDs. If URL rewriting is enabled, the session management facility recognizes session IDs that arrive in the URL if the encodeURL method is called in the servlet.
server is allowed.