Jalo Session
Before start to Jalo Session. We should aware about to HTTP session. In web terminology, session is simply the time interval in which two systems communicate with each other. The two systems can share a client-server or a peer-to-peer relationship. Web applications that work on http protocol. The Http Session object is used for session management. A session contains information specific to a particular user across the whole application.
Don't be confuse with Jalo layer in Hybris. Jalo layer is deprecated now but not Jalo session. The Hybris Jalo Layer was a tight coupling between data model and business logic, as the implemented business logic in Java classes that are generated the data mode.
Jalo Session is one of core concept of SAP Hybris Commerce. A Jalo Session contain data about the current user and their settings. Every Jalo Session object is associated with a Session Context object, which has current user, language, currency etc and the current HTTP Session object. Every request come from web browser to hybris server, it may need current user details, currency, language, time zone etc to serve that request efficiently. But Http Session does not hold all these details, so hybris came up with the concept of Jalo Session. Every Request associated with a Jalo Session in Hybris Commerce.
Each Jalo Session is bound to a tenant. It cannot be changed, after the instance of Jalo Session is created. Jalo Session is never made persistent in database.
A Jalo Session is always associated with a Session Context that holds below references:
JaloSession User
JaloSession Currency
JaloSession Language
JaloSession Locale
JaloSession Timezone
JaloSession Price factory
Whenever a request is made to Hybris, the filter HybrisInitFilter creates an object of JaloSession. Hybris Commerce automatically creates a Jalo Session when a web browser send request to a Java Servlet filter in Hybris Commerce. Whenever Jalosession is instantiated SessionContext is pre-set with system defaults values.
Below method will return the currently active JaloSession or create a new JaloSession if none is currently active
JaloSession session = JaloSession.getCurrentSession();
JaloSession Lifecycle
Instantiation or Getting a JaloSession
Modifying a JaloSession
Closing a JaloSession
Instantiation or Getting a JaloSession
For instantiation or getting a Jalo session need to call JaloSession.getCurrentSession() method. It will return the currently active JaloSession . if not present active session then It will create a new JaloSession and return.
JaloSession.getCurrentSession()
Modifying a JaloSession
If required, you can modify JaloSession or SessionContext by change this setting. By default, JaloSession's SessionContext user is anonymous. If you want to update user in context set value by using below method
jalosession.getSessionContext().setUser(jalosession.getUserManager().getUserByLogin( "MyUser" ) );
Similarly , you can update language using below method.
jalosession.getSessionContext().setLanguage(....);
Closing a JaloSession
When User is login in website, Session is created. when User is going to logout then required need to close than session. In Hybris we can call below method for close session instantly
JaloSession.getCurrentSession().close();
When User is login in website, Session is created. when User is going to logout then required need to close than session. In Hybris we can call below method for close session instantly
Jalo Session is automatically close when session timeout. default.session.timeout property already set by Hybris Platform in project.properties where Jalo session expires after the seconds specified in this property automatically.
We can mange session time with properties value or set expiration time in method in seconds
JaloSession.getCurrentSession().setTimeout( 60 ); // Timeout after 60 seconds
JaloSession.getCurrentSession().setTimeout( -1 ); // No timeout:
The Hybris JaloSession is usually bound to HttpSession and has the same life time. This means that if an http session is closed or timeout, both the http session and JaloSession session are destroyed.
In addition, Http session timeout is managed by SessionCloseStrategy as well. It allows to you for hook into the session close.
Global Timeout
This timeout value is a global timeout value which means its applicable for all the hybris applications like storefront, cockpit, hac etc. value should be positive number and 0 means that session will never time out
default.session.timeout=1800
Same if you want to set timeout for specific extension. you can use like below
[extension].session.timeout=1500
Same if you want to set timeout for hac extension.
hac.session.timeout=1500
Custom Code for Session Invalidation
You need to extends DefaultSessionCloseStrategy class and need to override closeSessionInHttpSession or closeJaloSession method.
public class DefaultUserSessionCloseStrategy extends DefaultSessionCloseStrategy
{
private static final Logger LOG = Logger.getLogger(DefaultUserSessionCloseStrategy.class.getName());
@Override
public void closeSessionInHttpSession(final HttpSession httpSession)
{
LOG.info("Delete Http Session");
// Add custom Logic here
super.closeSessionInHttpSession(httpSession);
}
@Override
public void closeJaloSession(final JaloSession session)
{
LOG.info("Delete Jalo Session");
// Add custom Logic here
super.closeJaloSession(session);
}
}
JaloSession object is held in memory only, it is not persistent into the database. The JaloSession class implements the Serializable interface so that JaloSession objects could be transferred across application server nodes within a Hybris Commerce cluster.