NonStop Servlets for JavaServer Pages (NSJSP) 5.0 System Administrator's Guide

Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide 525644-003
Security Considerations
Because the single sign-on support implementation uses cookies to maintain user
identity across applications, the same risks of information exposure apply here as
when cookies are used to maintain session identity within a single web application. If
you are concerned that attackers may try to impersonate an ongoing session, you
should run your applications across a secure network connection (such as an SSL
connection using the HTTPS protocol).
Configuring Persistent Sessions
NSJSP provides support for persistent sessions through the <Manager> element in
the Context configuration file. Nest the <Manager> element below a <Context>
element, because the <Manager> element represents a session manager that can be
used to create and maintain session data for a particular web application/Context.

If a <Manager> element is not specified for a <Context> element, a default
<Manager> configuration is automatically created that handles and stores session
data only for the life of the Container/JVM process. The default configuration uses the
NSJSPStandardManager class for the className attribute in the <Manager>
element.
Creating a NonStop SQL Database to Store the Persistent Session Data
To successfully configure NSJSP for persistent sessions support, first create a
NonStop SQL database (catalog and table) for storing and saving the persistent
session data. A sample SQL script located at
$NSJSP_HOME/conf/iTP_SessionStore.sql.sample
is provided with the NSJSP distribution, enabling you to create a NonStop SQL catalog
and table.
To create the NonStop SQL database for storing the persistent session data, you can
do one of the following:

• Copy the iTP_SessionStore.sql.sample file and replace all occurrences of
  =TheT1222SessionCatalog with the Guardian location (of the form
  $Volume.SubVolume) where you wish the persistent session catalog and table to
  be created. This subvolume (disk) should be a TMF-audited data volume.

  Then, pass this file as an input to the NonStop SQL Command Interpreter (SQLCI)
  using this OSS command:

    osh> gtacl -p sqlci < iTP_SessionStore.sql.your_copy
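
The copy-and-substitute step above, written as a small OSS shell script (an added example, not part of the guide or the NSJSP distribution). The function names, the sample location `$DATA01.SESSDB` and the Guardian name-length limits in the check are assumptions; the check rejects anything that is not a plain `$Volume.SubVolume`, so no stray text reaches the file handed to SQLCI.

```shell
#!/bin/sh
# Added example: build a site copy of the NSJSP session-store SQL script.
PLACEHOLDER='=TheT1222SessionCatalog'   # placeholder string named in the guide

# Accept only $Volume.SubVolume. The length limits are an assumption based on
# usual Guardian naming; adjust them to your system's rules.
valid_guardian_loc() {
    case $1 in *[!\$.A-Za-z0-9]*) return 1 ;; esac   # also rejects newlines
    printf '%s\n' "$1" | grep -Eq '^\$[A-Za-z][A-Za-z0-9]{0,6}\.[A-Za-z][A-Za-z0-9]{0,7}$'
}

# prepare_session_sql SAMPLE OUT LOCATION
# Writes OUT with every placeholder replaced; SAMPLE is left untouched.
prepare_session_sql() {
    sample=$1 out=$2 loc=$3
    [ -r "$sample" ] || { echo "cannot read $sample" >&2; return 2; }
    valid_guardian_loc "$loc" || { echo "not a \$Volume.SubVolume: $loc" >&2; return 3; }
    grep -Fq -e "$PLACEHOLDER" "$sample" || { echo "placeholder not in $sample" >&2; return 4; }
    # loc passed validation, so it holds no sed metacharacters (& \ |).
    sed "s|$PLACEHOLDER|$loc|g" "$sample" > "$out" || return 5
    # Refuse to leave behind a copy that still contains the placeholder.
    if grep -Fq -e "$PLACEHOLDER" "$out"; then
        rm -f "$out"; return 6
    fi
    return 0
}

# Usage: sh prep_session_sql.sh '$DATA01.SESSDB'
# Single quotes stop the shell from expanding $DATA01 as a variable.
if [ $# -eq 1 ]; then
    src="${NSJSP_HOME:?}/conf/iTP_SessionStore.sql.sample"
    prepare_session_sql "$src" iTP_SessionStore.sql.your_copy "$1" &&
        echo "next: gtacl -p sqlci < iTP_SessionStore.sql.your_copy"
fi
```
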
• Or run the NonStop SQL commands directly from the NonStop SQL Command
  Interpreter (SQLCI), replacing the =TheT1222SessionCatalog string with the
  Guardian location of the persistent session catalog (of the form