AEM Session | Community
Skip to main content
Murali89
Level 2
October 16, 2015
Solved

AEM Session

  • October 16, 2015
  • 6 replies
  • 7256 views

How to handle a user specific session in AEM, Is it fine to use HTTP Session so that i can store some attributes of user using session.setattribute method. Or is there any other way to handle user specific sessions in AEM?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by ogill

Hi Murali,

As AEM is built on REST principles, the product does not maintain session state between requests. However, there is nothing stopping you using a session from CQSE/Jetty. Another option would be to store this in a cookie, but some clients don't approve of this approach.

If you have more than one instance that is running your code, then the session will not be replicated across the instances, so you would have to maintain a sticky connection.

The requirement for maintaining session data often comes from multi page forms, and an approach to this would be to create a single page app. 

What is your use case?

Regards,

Opkar

6 replies

smacdonald2008
Level 10
October 16, 2015

When working in AEM - you use a javax.jcr.Session using the Sling getServiceResourceResolver method:

 //Invoke the adaptTo method to create a Session 
 resolver = resolverFactory.getServiceResourceResolver(param);
 session = resolver.adaptTo(Session.class);

See this community article as an example: 

https://helpx.adobe.com/experience-manager/using/querying-experience-manager-sling.html

April 26, 2023

Your answer is absolutely irrelevant. Please read what the user is asking. How is a JCR Session going to help save user State.

https://developer.adobe.com/experience-manager/reference-materials/spec/jsr170/javadocs/jcr-2.0/javax/jcr/Session.html#getAttribute(java.lang.String)

There is not setAttribute method.

 

Adobe Employee
October 16, 2015

Hi,

the documentation only has examples of the session id being stored as a cookie in the users browser. I haven't come across examples of it being stored in AEM (nothing stopping you doing this). Is there any reason you would not want to use a cookie and are looking at storing it in AEM?

If you are using AEM and Hybris then it makes sense to use the AEM eCommerce framework and the approach it implements[1], unless of course there is a specific use case it does not cover.

Regards,

Opkar

https://docs.adobe.com/docs/en/aem/6-1/administer/ecommerce.html#The Framework

Murali89
Murali89Author
Level 2
October 16, 2015

Thanks for the quick response opkar, Details and some more questions as below.

 

We are using hybris, lets assume hybris returns a session id ( or OAUTH Token), Should AEM persist this token in aem and then clean it up once user logs out?  Also should we be handling this OAUTH  token using HTTP session? If we have to persist that token in AEM is there any example available?

 

To keep my question simple How do we handle the session id (or  OAUTH Token) in AEM for a particular user session.

Adobe Employee
October 16, 2015

Hi,

if you look at the way Commerce Framework in AEM works with Hybris [1], you will notice the session information is stored in the commerce engine, a session ID cookie corresponding to the session is stored in AEM. 

What commerce engine are you using?

You could use an http session, but be aware of the limitations.

Regards,

Opkar

 

[1] https://docs.adobe.com/docs/en/aem/6-0/develop/ecommerce/hybris.html#Session Handling

Murali89
Murali89Author
Level 2
October 16, 2015

We have a login page where the user will login, Once he logs in we will redirect him to a shopping page. Whatever things he adds it to his cart we will have to hold that information in session when he navigates to any other page before he logs out. is it fine if i use HTTP session??  Any suggestions for this??

ogillAdobe EmployeeAccepted solution
Adobe Employee
October 16, 2015

Hi Murali,

As AEM is built on REST principles, the product does not maintain session state between requests. However, there is nothing stopping you using a session from CQSE/Jetty. Another option would be to store this in a cookie, but some clients don't approve of this approach.

If you have more than one instance that is running your code, then the session will not be replicated across the instances, so you would have to maintain a sticky connection.

The requirement for maintaining session data often comes from multi page forms, and an approach to this would be to create a single page app. 

What is your use case?

Regards,

Opkar