BIS Session management

The Xcentrisity BIS has session management capabilities that may be exploited. Session management involves the reservation of certain web server resources - memory, processes, etc. - for the use by a specific web client. In the case of BIS, the state of a service program, including data values, open files, current record pointers, etc., may be maintained between requests from a specific web client.

Session management is useful for interacting with services that must return large amounts of data under controlled circumstances. However, session management carries some inefficiency as well; the web client's request must be routed to a specific server, and significant memory and process resources may be held waiting for a misbehaving client that fails to return to use them. Use caution if you are considering a stateful BIS implementation.

BIS uses a cookie hold a session identification key. When a service program indicates that a session is to be maintained, and there are not SRF tags indicating otherwise, a cookie is sent to the web client with the response. The web client then sends this cookie back with its next request; the request handler uses the cookie value to reconnect the request with the correct session, thereby routing the request to a service program already waiting for it.