To use HTTP sessions, ensure that the instance-name.application.transport adapterEnabled property is set to 1.

HTTP sessions are required for load balancing. When load balancing is implemented using clusters of PAS for OpenEdge instances, HTTP sessions allows session context information to be available to all the nodes in the cluster. Therefore a single session between a client and a web application can be maintained over any number of instances in the cluster.
Note: You can use the tcman sessions action to display how many sessions are active for a web application. For more information, see Display web application HTTP sessions (sessions).

Applications deployed to REST, SOAP, and WEB transports implicitly use HTTP sessions. By default, the ROOT application for APSV is enabled. To enable HTTP sessions, set the following combination of instance-name.application.APSV properties:

  1. Edit the instance-name/conf/openedge.properties.
  2. Locate the [instance-name.application.APSV] entry for the application.
  3. Enable useHTTPSessions and enableRequestChunking by setting them to 1. 
    enableRequestChunking=1
useHTTPSessions=1

    Progress recommends that chunking is enabled when you enable the HTTP session to improve performance. Chunking is an efficient method for sending a large amount of data in a request or response when the size of the content is not known. Chunking also ensures that all the data gets transmitted in a single post operation in the context of a single session to a single server.

  4. Save the changes.
  5. Restart the instance for the server to apply the changes.

For an overview of all instance-name.application.APSV properties, see the APSV transport property descriptions in the openedge.properties.README file. If you want to implement load balancing, see Load balance PAS for OpenEdge instances.

Note: Support for HTTP cookies by an ABL client is limited to what is explained in this section. When using the APSV transport, the ABL client does not support all HTTP cookies functionality. For example, ABL client does not support the Secure attribute of an HTTP cookie. These unsupported attributes are ignored by the ABL client.

Programmatic considerations

The web application determines when to start and stop a session. Also, It not only determines what contextual information will be stored in the session, it determines how that information will be stored.
Note: The Spring Security framework built-in to PAS for OpenEdge saves client login state information to HTTP sessions.
By default, when a web application running on a PAS for OpenEdge instance decides to initiate a session with a client, it creates a JSESSIONID cookie that identifies the session. The cookie is sent to the client. Every time the client runs a request to that application, the cookie gets sent back to the PAS for OpenEdge instance, whose job is to identify and retrieve the stored data that is associated with the session ID.

Context information required for the session is automatically saved in HTTP sessions. It is up to the application to determine what needs to be saved and how to save it. Context data itself can be saved to and retrieved from HTTP sessions, or you can save the context information externally and just save a reference to it in HTTP sessions. The latter option is more efficient when there is a large amount of data associated with the session.

In ABL for example, the SERVER-CONNECTION-CONTEXT attribute of the SESSION system handle is commonly used to set context information. If the context information can be expressed as a string of less than 32K, the attribute can be set to that value. The 32K maximum may be even less, depending on the other limitations imposed by your particular configuration. However, the more data you store in SERVER-CONNECTION-CONTEXT, the more performance is likely to suffer. Therefore, the recommended practice is to store the context information in a database and use the SERVER-CONNECTION-CONTEXT attribute as a reference to the context information.

The implementation of how to store context varies widely, and depends on application requirements. For more information on how to use the SERVER-CONNECTION-CONTEXT attribute, see Use the SERVER-CONNECTION-CONTEXT attribute in Application Development with PAS for OpenEdge and SERVER-CONNECTION-CONTEXT attribute in ABL Reference.