Java - How to share the session between two or more Web Application?

Question

I have two web Applications. I will login in to one Web Application and will navigate to another by links or redirection from the first Application. Lastly after completing some

Answer 1

Technically, session between two web application (two different WARs) cannot be shared. This is by design and done for security reasons. I would like to make following comments and suggestions for your problem,

1. Session are generally tracked using an session ID which is generally stored as a cookie on the browser and Session object on the server side.
2. This cookie is sent server side every time when you send a request.
3. A cookie will be sent ONLY to the server where it came from.
4. So a cookie set by www.mysite.com/app1 will be sent only to www.mysite.com/app1 and not to www.mysite.com/app2.
5. For you case, for a user sessions to be valid across two application, the browser will need two cookies to be set from app1 and app2.
6. One way would be, when you login to app1 , using java script, also send a login request to app2. When both these request return successfully, your browser will have session for both the applications (app1 and app2)
7. Now logout will have its own challenges, when you logout from app1, you also need to logout from app2. Technically this means, you need to clear the cookies set from both of these applications. With little help from java script you can do this.

Answer 2

When you have to make a call to app2 from app1, pass all necessary information via the request object (as a request params) then app2 can read and create the session there (perhaps a servlet/filter can be used for this).

you can share a session between the same application (app1 and app1) across machines using clustering.