Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Session Scope Masking

DZone's Guide to

Session Scope Masking

There are several reasons to override a connector's Session Handler in Mule Flow. Learn why and how to do this with this simple walkthrough.

· Integration Zone ·
Free Resource

SnapLogic is the leading self-service enterprise-grade integration platform. Download the 2018 GartnerMagic Quadrant for Enterprise iPaaS or play around on the platform, risk free, for 30 days.

When you declare a Session Property it will be propagated by default to other flows in the current application or a different application. This is so because the Session is serialized and added as a message attribute (named MULE_SESSION). So, if you make an HTTP outbound request, the receiver HTTP inbound will receive this property (you'll notice the MULE_SESSION HTTP header that contains the serialized session), and will make it accessible for the receiver flow.

There are at least two reasons for you to want to avoid this behavior:

  1. The first one is because you want to maintain the different processes independently, and you only want to use session scope to maintain that property reachable from the main flow itself and their sub-flows (referenced by flow-ref).

  2. The second one is for performance issues; you don't need (or want) to send the serialized session through the underlying transport in order to reduce the message size.

So if for this or any other reason you want to avoid having the session propagated through the outbound endpoint, then you need to override the connector's Session Handler, and use the NullSessionHandler.

For instance, for HTTP Transport, the connector should look like the following:

<http:connector name="httpConnector" >
<service-overrides sessionHandler="org.mule.session.NullSessionHandler"/>
</http:connector>

Even when you configure the connector to avoid sending the session as part of the message, this property could be created if there is a different outbound endpoint which connector doesn't use a NullSessionHandler.

In that case, you'll need to add a transformer that removes the MULE_SESSION outbound property from the message, so it doesn't propagate to other outbound or as part of the response to the original request.

The transformer should look like the following:

<message-properties-transformer name="removeSession">
<delete-message-property key="MULE_SESSION" />
</message-properties-transformer>

With SnapLogic’s integration platform you can save millions of dollars, increase integrator productivity by 5X, and reduce integration time to value by 90%. Sign up for our risk-free 30-day trial!

Topics:
mule flow ,integration ,mule ,scopes

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}