Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM Session

Avatar

Level 3

How to handle a user specific session in AEM, Is it fine to use HTTP Session so that i can store some attributes of user using session.setattribute method. Or is there any other way to handle user specific sessions in AEM?

1 Accepted Solution

Avatar

Correct answer by
Employee

Hi Murali,

As AEM is built on REST principles, the product does not maintain session state between requests. However, there is nothing stopping you using a session from CQSE/Jetty. Another option would be to store this in a cookie, but some clients don't approve of this approach.

If you have more than one instance that is running your code, then the session will not be replicated across the instances, so you would have to maintain a sticky connection.

The requirement for maintaining session data often comes from multi page forms, and an approach to this would be to create a single page app. 

What is your use case?

Regards,

Opkar

View solution in original post

0 Replies

Avatar

Correct answer by
Employee

Hi Murali,

As AEM is built on REST principles, the product does not maintain session state between requests. However, there is nothing stopping you using a session from CQSE/Jetty. Another option would be to store this in a cookie, but some clients don't approve of this approach.

If you have more than one instance that is running your code, then the session will not be replicated across the instances, so you would have to maintain a sticky connection.

The requirement for maintaining session data often comes from multi page forms, and an approach to this would be to create a single page app. 

What is your use case?

Regards,

Opkar

Avatar

Level 3

We have a login page where the user will login, Once he logs in we will redirect him to a shopping page. Whatever things he adds it to his cart we will have to hold that information in session when he navigates to any other page before he logs out. is it fine if i use HTTP session??  Any suggestions for this??

Avatar

Employee

Hi,

if you look at the way Commerce Framework in AEM works with Hybris [1], you will notice the session information is stored in the commerce engine, a session ID cookie corresponding to the session is stored in AEM. 

What commerce engine are you using?

You could use an http session, but be aware of the limitations.

Regards,

Opkar

 

[1] https://docs.adobe.com/docs/en/aem/6-0/develop/ecommerce/hybris.html#Session Handling

Avatar

Level 3

Thanks for the quick response opkar, Details and some more questions as below.

 

We are using hybris, lets assume hybris returns a session id ( or OAUTH Token), Should AEM persist this token in aem and then clean it up once user logs out?  Also should we be handling this OAUTH  token using HTTP session? If we have to persist that token in AEM is there any example available?

 

To keep my question simple How do we handle the session id (or  OAUTH Token) in AEM for a particular user session.

Avatar

Employee

Hi,

the documentation only has examples of the session id being stored as a cookie in the users browser. I haven't come across examples of it being stored in AEM (nothing stopping you doing this). Is there any reason you would not want to use a cookie and are looking at storing it in AEM?

If you are using AEM and Hybris then it makes sense to use the AEM eCommerce framework and the approach it implements[1], unless of course there is a specific use case it does not cover.

Regards,

Opkar

https://docs.adobe.com/docs/en/aem/6-1/administer/ecommerce.html#The Framework

Avatar

Level 10

When working in AEM - you use a javax.jcr.Session using the Sling getServiceResourceResolver method:

 //Invoke the adaptTo method to create a Session 
 resolver = resolverFactory.getServiceResourceResolver(param);
 session = resolver.adaptTo(Session.class);

See this community article as an example: 

https://helpx.adobe.com/experience-manager/using/querying-experience-manager-sling.html