Hi,
Is it possible to disable the creation of tomcat sessions when using it only as a completely stateless server for REST calls?
The goal of those rest services is to provide a replication system, so all session information is irrelevant, but even with 1 minute timeout lots of sessions get created causing issues in the tomcat server.
One option I have considered is to implement a custom filter that invalidates the session after processed the response, without much luck so far, would that be an approach that could work or is there something in the servlets that provide the rest service that will make it impossible?
Any other ideas or is there something fundamentally wrong that we are doing?
Cheers,
Hi,
Thanks for your reply, unfortunately that didn't work, in fact setting session-timeout to zero makes it never to expire.
The solution that finally worked was to develop a simple Java servlet filter to delete the session created, if that filter is applied last in the web.xml succeeds to keep tomcat without http sessions created.
Cheers,
<session-config>
<tracking-mode>URL</tracking-mode>
<session-timeout>0</session-timeout>
</session-config>
The URL tracking mode and 0 session timeout may block session cookies
Ensure the <http> element's 'create-session' attribute value is "stateless"
Hi,
Thanks for your reply, unfortunately that didn't work, in fact setting session-timeout to zero makes it never to expire.
The solution that finally worked was to develop a simple Java servlet filter to delete the session created, if that filter is applied last in the web.xml succeeds to keep tomcat without http sessions created.
Cheers,
The following article was created for the REST Manager:
knowledgebase.progress.com/.../How-to-disable-the-creation-of-sessions-in-the-REST-Manager