Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

[AEM Gems Webinar] Accelerating Experience Manager as a Cloud Service development with Rapid Development Environments
Adobe Summit 2023 | Complete list of AEM Sessions & Labs
SOLVED

Can we replace sticky session by Crypto Token in AEM6.1?

Avatar

Level 2

Hi,

I read in Adobe docs that we can replace sticky session by Crypto Token in AEM6.1 here.  For configuration for the same I see this doc, here explained the how we can configure the same.

Is  there any other way to avoid sticky session in AEM6.1?

How can we verify that our configuration (for Crypto Token) is working properly or not..... means HttpSession is sharing across the publisher or not ?  

Regards,

Shardendua

1 Accepted Solution

Avatar

Correct answer by
Level 10

Yes crypto token avoids to use sticky issue.  Note http Sessions are server side sessions and hence violate the sessionless principle of REST and therefore should be used with care.  Crypto token will  not solve http session for that you need to depond on application server.   

In aem with the default authentication setup, there is a login-token cookie which is used to log in to the repository, crypto token will solve that problem & not to use sticky issue.  Various way to validate generally i change the renders in dispatcher.any to validate against publishers.

View solution in original post

0 Replies

Avatar

Employee Advisor

To test the encapsulation functionality you can simply use a debugging proxy applications like Fiddler or Charles to test the authentication.  Configure your proxy app to map main website URI to one of your publish instance URI. Then establish a session using your browser on the main website by logging into the website. After login is successful, change the mapping in the proxy application to second publish instance. Refresh the browser and see if you are still logged in or not.  If you are not logged in it means that encapsulated token authentication might not be working. 

Avatar

Correct answer by
Level 10

Yes crypto token avoids to use sticky issue.  Note http Sessions are server side sessions and hence violate the sessionless principle of REST and therefore should be used with care.  Crypto token will  not solve http session for that you need to depond on application server.   

In aem with the default authentication setup, there is a login-token cookie which is used to log in to the repository, crypto token will solve that problem & not to use sticky issue.  Various way to validate generally i change the renders in dispatcher.any to validate against publishers.

Avatar

Level 2

Thanks for your quick reply!

I have a Dispatcher and two publisher. I am storing some data using HttpSession on server; In my view this HttpSession object data will be stored only in publisher (say first one) using Sticky Session. So in this scenario load balancing not happen in proper way because Session is not sharing across the publisher.

What is the way to avoid Sticky Session so that we can have proper load balancing and Session shared across the publisher?