Previous Topic: Redirect Service Configuration

Next Topic: Establishing a User Session

Session Scheme Settings in the server.conf File

Session schemes determine how a user’s identity is maintained, providing single sign-on during the course of a session. Each potential session scheme must be included in a SessionScheme section of the server.conf. file. Session schemes must be associated with a Java class file that defines the behavior of the session. If no session scheme is specified for a particular type of user agent, the default session scheme is used.

One challenge for enterprise transactions is maintaining user sessions. SiteMinder uses cookies to encapsulate session information. Unlike SiteMinder, the SPS uses several methods and provides a set of APIs to support alternative methods of maintaining sessions that does not rely on cookies. The cookieless session schemes involve some sort of token that reference session information maintained in the SPS in‑memory session store. The session store resides in the SPS server’s memory, and can be cleared by restarting the server.

The SPS provides the following out-of-the-box session schemes that you can configure in the server.conf file. These schemes may be associated with user agent types for each virtual host defined in the server.conf file. The association of a session scheme with a user agent type is called a session scheme mapping.

SPS includes the following schemes:

Note: To create additional custom session schemes, you can use the session scheme APIs. If you create your own session schemes using the session scheme API, you must add a <SessionScheme> section to the server.conf file with specific information about the name and Java class associated with your custom session scheme.

More information:

SPS APIs