ÃֽŠ°Ô½Ã±Û(OS/WAS)
2017.06.12 / 13:31
Tomcat - Session Management (¼¼¼Ç °ü¸®)
Ŭ·¡½Ä·Î¾â
Ãßõ ¼ö 231
Tomcat7¿¡¼ »ç¿ë °¡´ÉÇÑ Session Manager Ŭ·¡½º
Standard¿Í PersistentManager¸¸ ¼³¸íÇÑ´Ù.
| Session Manager | »ó¼¼ |
|---|---|
| org.apache.catalina.session.StandardManager | ±âº» ¼³Á¤. ÇÑ°³ÀÇ instance¸¦ »ç¿ëÇÏ´Â °æ¿ì¸¸ Àû¿ë°¡´É |
| org.apache.catalina.session.PersistentManager | µð½ºÅ© ¶Ç´Â DB¿¡ ¼¼¼ÇÀ» Persist. ¼¼¼Ç ½º¿ÍÇΰú Àå¾Ö ´ëó(fault tolerance) |
| org.apache.catalina.session.DeltaManager | cluster°£ ¼¼¼ÇÀ» º¹Á¦(¼¼¼Ç µ¥ÀÌÅÍ Áß Â÷ÀÌÁ¡¸¸À» º¹Á¦) clustered env. only |
| org.apache.catalina.session.BackupManager | cluster°£ ¼¼¼ÇÀ» º¹Á¦(¸ðµç ¼¼¼ÇÀÇ ¸ðµç Ŭ·¯½ºÅÍ ³ëµå¸¦ ÇϳªÀÇ ¹é¾÷³ëµå¿¡ ÀúÀå) clustered env. only |
<Manager>ÀÇ ¼³Á¤ °¡´É ¼Ó¼º (context.xml¼³Á¤)
| ¼Ó¼º (Attribute) | »ó¼¼ |
|---|---|
| className | Fully Qualified Class Name (»ç¿ëÇÒ managerÀÇ Ç® ³×ÀÓ) |
| distributable | ¸ðµç SessionÀÇ AttributeÀÌ java.io.Serializable ÀÎÅÍÆäÀ̽º ±¸Çö. ±âº»Àº false |
| maxActiveSessions | »ý¼º °¡´ÉÇÑ ¼¼¼ÇÀÇ ÃÖ´ë°ªÀ» ¼³Á¤. (-1ÀÎ °æ¿ì Á¦ÇÑ ¾øÀ½ ÀǹÌ) |
| maxInactiveInterval | ±âº» 60ÃÊ(´ÜÀ§ ÃÊ) web.xmlÀÇ session-timeoutÀ¸·Î override°¡´É |
| sessionIdLength | ¼¼¼ÇID(JSESSIONID)ÀÇ ±æÀÌ(bytes) |
StandardManager (Default)
StandardManagerÀÇ »ç¿ë
- ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÑ ¼¹öÀÇ Àç½ÃÀÛ/Á¤Áö½Ã¿¡ ÆÄÀÏÀ» µð½ºÅ©¿¡ ÀúÀåÇÑ´Ù. (TomcatÀÇ workÆú´õ)
- ¿¹±âÄ¡ ¾ÊÀº ¼¹öÀÇ ¿¡·¯·Î ÀÎÇÑ Á¤Áö½Ã¿¡´Â ÀúÀåµÇÁö ¾Ê´Â´Ù.
- CATALINA_HOME/work/Catalina/localhost/{WEBAPP}/SESSION.ser
StandardManagerÀÇ ¼³Á¤
1 2 3 4 5 | <Manager className="org.apache.catalina.session.StandardManager" maxActiveSessions="1" pathname="/mySessions.ser" sessionIdLength="60"> </Manager> |
StandardMangerÀÇ ¼³Á¤°¡´É¼Ó¼º
| ¼Ó¼º (Attribute) | »ó¼¼ |
|---|---|
| pathname | ±âº»Àº SESSION.ser |
| processExpiresFrequency | session¸¸·á¸¦ ¹é±×¶ó¿îµå ÇÁ·Î¼¼½º°¡ ¾ó¸¶³ª ÀÚÁÖ Ã¼Å©Çϴ°¡(°ªÀÌ ÀÛÀ» ¼ö·Ï ÀÚÁÖ) ±âº»°ªÀº 6 |
| secureRandomClass | session id¸¦ »ý¼ºÇϴµ¥ »ç¿ë java.security.SecureRandomŬ·¡½º¸¦ »ó¼ÓÇؼ ¸¸µé¾î¾ß ÇÑ´Ù. |
| secureRandomAlgorithm | ±âº»Àº SHA1PRNG |
| secureRandomProvider | ·£´ý³Ñ¹ö »ý¼ºÀ» À§ÇÑ Provider¼³Á¤ |
Disabling Session Persistence
1 | <Manager pathname=""/> |
PersistentManager¼³Á¤
- org.apache.catalina.session.FileStore
- org.apache.catalina.session.JDBCStore
PesistentManagerÀÇ ¼³Á¤ ¼Ó¼º
| ¼Ó¼º (Attribute) | »ó¼¼ |
|---|---|
| saveOnRestart | true°¡ µÇ¸é ÅèĹ ¼Ë´Ù¿î½Ã¿¡ ¸ðµç È°¼º ¼¼¼ÇÀÌ ÀúÀåµÇ°í ½ÃÀ۽ÿ¡ ÀúÀåÀåÄ¡·ÎºÎÅÍ ¸®·ÎµåµÈ´Ù. |
| minIdleSwap | idleÀÎ Session°´Ã¼°¡ ¸Þ¸ð¸®¿¡ ¸Ó¹° ¼ö ÀÖ´Â ÃÖ¼ÒÇÑÀÇ ½Ã°£(ÃÊ) |
| maxIdleSwap | idleÀÎ Session°´Ã¼°¡ µð½ºÅ©·Î ½º¿ÒµÇ¾î¾ß¸¸ ÇÏ´Â ÃÖ´ëÇÑÀÇ ½Ã°£(ÃÊ) |
| maxIdleBackup | swap°ú´Â ´Ù¸£°Ô sessionÀº activeÇÑ »óÅ·Π°è¼Ó Á¸Àç |
| processExpiresFrequency | session¸¸·á¸¦ ¹é±×¶ó¿îµå ÇÁ·Î¼¼½º°¡ ¾ó¸¶³ª ÀÚÁÖ Ã¼Å©Çϴ°¡(°ªÀÌ ÀÛÀ» ¼ö·Ï ÀÚÁÖ) ±âº»°ªÀº 6 |
| secureRandomClass | session id¸¦ »ý¼ºÇϴµ¥ »ç¿ë java.security.SecureRandomŬ·¡½º¸¦ »ó¼ÓÇؼ ¸¸µé¾î¾ß ÇÑ´Ù. |
| secureRandomProvider | ·£´ý³Ñ¹ö »ý¼ºÀ» À§ÇÑ Provider¼³Á¤ |
| secureRandomAlgorithm | ±âº»Àº SHA1PRNG |
FileStore
| ¼Ó¼º (Attribute) | »ó¼¼ |
|---|---|
| className | º¸Åë org.apache.catalina.session.FileStore |
| directory | session Á¤º¸¸¦ ÀúÀåÇÒ µð·ºÅ丮 |
| checkInterval | swapµÈ ¼¼¼ÇÀÌ ¸¸±âµÇ¾ú´ÂÁö üũÇÏ´Â ÀÎÅ͹ú |
JDBCStore – table ¼Ó¼º
| ¼Ó¼º (Attribute) | »ó¼¼ |
|---|---|
| sessionIdCol | Unique Session Id |
| sessionValidCol | SessionÀÌ À¯È¿ÇÑÁö |
| sessionMaxInactiveCol | Session inactive±îÁöÀÇ ½Ã°£ |
| sessionLastAccessedCol | ¼¼¼Ç ÃÖÁ¾ »ç¿ë ½Ã°£ |
| sessionAppCol | /Catalina/localhost/sample |
| sessionDataCol | HTTP sessionÀ» serializeÇؼ ÀúÀå |
Ãâó: http://goodcodes.tistory.com/entry/Tomcat-Session-Management-¼¼¼Ç-°ü¸® [Good Codes Make a Good Program]