Session management

Session information for portlets is kept in the WebSphere Portal Server PortletSession core object. It is at the application scope and not at the portlet scope. This ensures that multiple portlets on a page and across pages can communicate as one client with the WebSphere Commerce Server.

For more information about the PortletSession, see Core objects.

To communicate with a WebSphere Commerce service, each portlet must have two pieces of information - the authentication callback handler object and the business context object. These objects are stored, as a pair, in the portlet session, and so each portlet can potentially have its own unique session information. A contextKey is introduced to uniquely identify the object pair stored in the portlet session, because the session information is global across all active portlets. It is also possible to configure multiple portlets with similar business behavior, using the same contextKey, to share the same contextual and identity information.

This session information can then be used for downstream components such as WebSphere Commerce service JSP tags. These components rely on the render parameter, contextKey, from the request for retrieving the necessary business context and the authentication callback handler object. This mandatory render parameter is set by the action handler for each portlet request.

For more information about the BusinessContextType and AuthenticationCallbackHandler, see Business context object and Authentication callback handler object.