Re: Ideal way to minimize resources used by Tomcat for sessions
2012/11/19 Baron Von Awsm : > My web app consists of a single servlet, no JSPs and no static content. The > servlet retrieves XML from POST submissions and hands the XML and IP > address of the client to an API/engine. This engine can work outside of a > web container and has no knowledge of a web container. It has its own > mechanism for managing sessions. > > For this reason, for this web application, I require no session management > overhead by Tomcat. I would like to disable all aspects (that I can) of > Tomcat session management, including session cookies and/or url rewriting. > > Searches on the topic yielded the following suggestions, > > 1. Never call getSession(). > That makes sense - if its never called then > things are never stored in the session and, perhaps, Tomcat doesn't create > some things that it might have. +1. Unless you call getSession() or getSession(true) no new session is created. (There is a small number of components, such as FormAuthenticator, that will create a session, but all them are off by default). Note that you can implement a javax.servlet.http.HttpSessionListener (like the one in the examples webapp). Its "sessionCreated()" method will be called whenever a session is created in your webapp. If there is no session, no urlrewriting happens. The set-cookie response header is sent only when a new session is created. Regarding some processing of incoming cookie header, I think it will be parsed, but I am sure that its value is not used unless getSession(false) is called (which causes a lookup of an existing session using that ID). You should be able to ignore that overhead. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Ideal way to minimize resources used by Tomcat for sessions
Hi Jens It is a requirement that I set up an http/s end point that runs in Tomcat. This is a question about the best way to minimise session management resources in Tomcat. I don't want my post to get side-tracked on a debate quibbling about my requirements. I'm after subject matter expertise when it comes to session management in Tomcat. You can take it as a given that I can be considered a subject matter expert regarding my own requirements. Cheers. On 21 November 2012 18:21, mailingl...@j-b-s.de wrote: > Why do you need a Webserver at all? > What about plain Java Sockets instead? > > Jens > > Von meinem iPad gesendet > > Am 19.11.2012 um 03:34 schrieb Baron Von Awsm : > > > My web app consists of a single servlet, no JSPs and no static content. > The > > servlet retrieves XML from POST submissions and hands the XML and IP > > address of the client to an API/engine. This engine can work outside of a > > web container and has no knowledge of a web container. It has its own > > mechanism for managing sessions. > > > > For this reason, for this web application, I require no session > management > > overhead by Tomcat. I would like to disable all aspects (that I can) of > > Tomcat session management, including session cookies and/or url > rewriting. > > > > Searches on the topic yielded the following suggestions, > > > > 1. Never call getSession(). That makes sense - if its never called then > > things are never stored in the session and, perhaps, Tomcat doesn't > create > > some things that it might have. But I have some question marks over this > > suggestion. Does Tomcat still utilise resources simply by having the > > standard session manager in place? Does tomcat still set cookies and/or > > rewrite URLs? If I never call getSession() will this lead to as little > > resources being used when compared to a solution that replaces the > standard > > manager with a 'do nothing' manager implementation? > > > > 2. Set the 'cookies' attribute of the context to false. To me, I would > not > > think this addresses my issue at all. > > > > 3. Write a Manager implementation that does the bare minimum. This would > > seem like the best solution to me, although, the most time consuming. > > > > My question - Given that I do not require the use of http sessions in > > Tomcat, what would be the best way for me to minimise the resources > Tomcat > > devotes to session management? I would prefer if the solution disabled > > session cookie writing and/or url rewriting, as neither serves a purpose > as > > there are no sessions to track (from my application's perspective). > > > > Cheers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Ideal way to minimize resources used by Tomcat for sessions
Why do you need a Webserver at all? What about plain Java Sockets instead? Jens Von meinem iPad gesendet Am 19.11.2012 um 03:34 schrieb Baron Von Awsm : > My web app consists of a single servlet, no JSPs and no static content. The > servlet retrieves XML from POST submissions and hands the XML and IP > address of the client to an API/engine. This engine can work outside of a > web container and has no knowledge of a web container. It has its own > mechanism for managing sessions. > > For this reason, for this web application, I require no session management > overhead by Tomcat. I would like to disable all aspects (that I can) of > Tomcat session management, including session cookies and/or url rewriting. > > Searches on the topic yielded the following suggestions, > > 1. Never call getSession(). That makes sense - if its never called then > things are never stored in the session and, perhaps, Tomcat doesn't create > some things that it might have. But I have some question marks over this > suggestion. Does Tomcat still utilise resources simply by having the > standard session manager in place? Does tomcat still set cookies and/or > rewrite URLs? If I never call getSession() will this lead to as little > resources being used when compared to a solution that replaces the standard > manager with a 'do nothing' manager implementation? > > 2. Set the 'cookies' attribute of the context to false. To me, I would not > think this addresses my issue at all. > > 3. Write a Manager implementation that does the bare minimum. This would > seem like the best solution to me, although, the most time consuming. > > My question - Given that I do not require the use of http sessions in > Tomcat, what would be the best way for me to minimise the resources Tomcat > devotes to session management? I would prefer if the solution disabled > session cookie writing and/or url rewriting, as neither serves a purpose as > there are no sessions to track (from my application's perspective). > > Cheers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Ideal way to minimize resources used by Tomcat for sessions
My web app consists of a single servlet, no JSPs and no static content. The servlet retrieves XML from POST submissions and hands the XML and IP address of the client to an API/engine. This engine can work outside of a web container and has no knowledge of a web container. It has its own mechanism for managing sessions. For this reason, for this web application, I require no session management overhead by Tomcat. I would like to disable all aspects (that I can) of Tomcat session management, including session cookies and/or url rewriting. Searches on the topic yielded the following suggestions, 1. Never call getSession(). That makes sense - if its never called then things are never stored in the session and, perhaps, Tomcat doesn't create some things that it might have. But I have some question marks over this suggestion. Does Tomcat still utilise resources simply by having the standard session manager in place? Does tomcat still set cookies and/or rewrite URLs? If I never call getSession() will this lead to as little resources being used when compared to a solution that replaces the standard manager with a 'do nothing' manager implementation? 2. Set the 'cookies' attribute of the context to false. To me, I would not think this addresses my issue at all. 3. Write a Manager implementation that does the bare minimum. This would seem like the best solution to me, although, the most time consuming. My question - Given that I do not require the use of http sessions in Tomcat, what would be the best way for me to minimise the resources Tomcat devotes to session management? I would prefer if the solution disabled session cookie writing and/or url rewriting, as neither serves a purpose as there are no sessions to track (from my application's perspective). Cheers.