Questions and Answers - Platform Technologies



Guidelines, Patterns, and code for end-to-end Java applications.

Questions and Answers - Platform Technologies
  2. How and where should session state be maintained?

1.   How and where should session state be maintained?

Client-server systems are defined by servers providing information services to clients. Usually, there are more clients than servers, so servers need a way to keep track of which client is which. A "session" is a single client's conversation (usually involving many request/response roundtrips) with a logical server (which may be formed of one or more physical servers). Session state is client-specific data that is accumulated during the session.





J2EE Platform Overview
  • The Client tier . Storing all state for a session in the Client tier can help simplify server implementation, but may cause security and bandwidth problems.
  • The Web tier . Web-tier session state is lightweight and easy to implement with standard APIs, but is difficult to scale and is limited to HTTP clients. Still, if not using Enterprise JavaBeans, we recommend that HttpSession be used to track session state.
  • The EJB tier . Stateful session beans provide the easiest and most robust way to handle session state, but obviously incur the overhead of an Enterprise JavaBeans technology-enabled server.
  • The EIS tier . Maintaining session state in the EIS tier (usually the database) may be worthwhile in some situations, but this approach can cause performance bottlenecks. EIS-tier session state may be persisted by using entity beans, or the Web tier may persist session state directly to a database.


Left Curve
Java SDKs and Tools
Right Curve
Left Curve
Java Resources
Right Curve
JavaOne Banner
Java 8 banner (182)