All docs This doc
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

This topic is regarding sessions in the WSO2 API Manager (WSO2 API-M) and the process of enabling session persistence for these sessions. This is particularly useful when the remember me option is selected when logging into either the service provider or the WSO2 API-M. Follow the steps below to enable authentication session persistence.

  1. Uncomment the following configuration in the <API-M_HOME>/repository/conf/identity/identity.xml file, under the the Server and JDBCPersistenceManager elements.

     <SessionDataPersist>
         <Enable>true</Enable>
         <Temporary>false</Temporary>
         <PoolSize>100</PoolSize>
         <SessionDataCleanUp>
             <Enable>true</Enable>
             <CleanUpTimeout>20160</CleanUpTimeout>
             <CleanUpPeriod>1140</CleanUpPeriod>
         </SessionDataCleanUp>
         <OperationDataCleanUp>
             <Enable>true</Enable>
             <CleanUpPeriod>720</CleanUpPeriod>
         </OperationDataCleanUp>
    </SessionDataPersist>

    The following table describes the elements of the configurations mentioned above.

    Configuration elementDescription

    Enable

    This enables the persistence of session data. Therefore, this must be configured to true if you wish to enable session persistence.

    Temporary

    Setting this to true enables persistence of temporary caches that are created within an authentication request.

    PoolSizeTo improve performance, OAuth2 access tokens are persisted asynchronously in the database using a thread pool. 
    This value refers to the number of threads in that thread pool.

    SessionDataCleanUp

    This section of the configuration is related to the cleaning up of session data.

    Enable

    Selecting true here enables the cleanup task and ensures that it starts running.

    CleanUpTimeOut

    This is the timeout value (in minutes) of the session data that is removed by the cleanup task. The default value is 2 weeks.

    CleanUpPeriod

    This is the time period (in minutes) that the cleanup task would run. The default value is 1 day.

    OperationDataCleanUpThis section of the configuration is related to the cleaning up of operation data.
  2. Uncomment the following configuration under the Server element (which is the root element in the identity.xml configuration file). This is a step related to authentication session persistence. The previous configuration indicates whether to persist the cache or not, while this is about enabling caching and indicating its capacity.

    <SessionContextCache> 
    	<Enable>true</Enable> 
    	<Capacity>100000</Capacity>	
    </SessionContextCache>

    The following table describes the elements of the configurations mentioned above.

    Configuration elementDescription
    EnableWhen this is set to true, caching is enabled for sessions.
    CapacityThis is the size of the cache.

Note: If Single Sign-On is to work, you must enable at least one of the two configurations mentioned in this topic.

Related Topics
  • No labels