When you create a JSP portlet from a WAR file in Enterprise Portal version 5.1 and later – Enterprise Edition, there is a check box labeled Single Sign On (SSO). If you do not select this option, the implications are:
The JSP portlet is invoked without any credentials passed to it.
If the JSP portlet has the directive <% page session="true" %> in the JSP page, a new HTTP session is created whenever the JSP portlet is invoked.
A cookie is sent back to the portal, but the cookie is not remembered. Therefore, any state stored within the HTTP session is lost.
Since the HTTP session does not go away quickly—the default is 30 minutes in EAServer—repeated use of the JSP portlet can create a severe memory drain to the system.
| Copyright © 2004. Sybase Inc. All rights reserved. |
|
|
