The UNICOM® Digital Transformation Toolkit (UDTT™) Mobile Channel leverages HTTP session and uses cookie to maintain session id. For each client, the session with server needs to be established at the first time. When the session is established successfully, session id will be returned in cookie. The UDTT Mobile Channel maintains the session id in client and keeps it in the upcoming request so that the UDTT server knows where the request comes from.
The UNICOM® Digital Transformation Toolkit (UDTT™) server environment uses HttpSession to manage sessions, so it can leverage HTTPSessionListener to handle Session Expiration.
You can configure the TimeoutHandler in the UDTT server application web deployment descriptor (web.xml). com.ibm.btt.sm.TimeoutHandler implements HTTPSessionListener:
eRCP application expires session explicitly when the user logs off.
The following diagram illustrates the procedure of how session expires explicitly:
1 When the user logs off, the eRCP application invokes LogOff Operation through MobileAdapter.
2 MobileRequestServlet redirects the request to MobileRequestHandler.
3 MobileRequestHandler invokes LogOffOperation to do the cleanup job related to business logic.
4 LogOffOpreration marks the session expired and returns.
5 MobileRequestServlet cleans the session and invalidates the HttpSession.
6 MobileRequestHandler invokes MobilePresentationHandler to response.
7 MobileAdapter gets the response.
▪ Session expiring when timeout
When the HTTP Session times out, the TimeoutHandler will be invoked automatically to clean the session. The interval of session timeout can be configured in Application Server admin console.
