In WSO2 Application Server, the http HTTP sessions of web applications are handled by the underlying, embedded tomcat instance. By default, tomcat provides two classes to manage the sessions of web applications: "StandardManager" and "PersistenceManager".
Additionally, the following features are available in AS for managing the sessions of web applications:
Please note that this UI-based session termination still does not work in a clustered setup. The sessions will be terminated only on the node from which the UI was loaded. Also, if you have a clustered environment, you can read more about HTTP sessions replications in a clustered environmentsession replication from here.
In WSO2 Application Server, "CarbonTomcatSessionManager" and "CarbonTomcatSessionPersistentManager" are the extensions to "StandardManager" and "PersistenceManager" implementations respectively. The main feature of these two manager implementations is that both are tenant aware and ensures that the sessions of one tenant cannot be accessed by other tenants. "CarbonTomcatSessionPersistentManager" has the capability to store the currently active and idle sessions to a storage scheme specified by the “Store” configuration. By default, there are two types of stores that can be used with the "PersistanceManager". They are File-based store and JDBC-based store. See the tomcat documentation for more information on these storage implementations.