Clustered JEE sessions with redisson

Hi All :slight_smile:

We have a large number of lucee applications that are load balanced and are trying to move away from LB persistence by centralising J2EE sessions using redisson. After a couple of attempts at this I have got the session IDs into redis (via Manager className=“org.redisson.tomcat.RedissonSessionManager” ) but redisson can not read or write session data because of

Caused by: org.redisson.client.RedisException: Unexpected exception while processing command
  ... 46 more
 Caused by: java.lang.ClassNotFoundException: lucee.runtime.type.scope.JSession
  at org.redisson.codec.SerializationCodec$1.decode(

Has anyone else tried this?

Created my own shared sessions that use the onSessionStart create my own sessionid and then use mongodb.


We’ve tried this, but without much success. I’m looking forward to hearing about any successful approaches that y’all have taken.

You can do this in Lucee pretty easily.
in the application.cfc you can set

component {

And if i recall that is about it. All you need to do is now create a cache in the Lucee Admin pointing to whatever storage you want and session enable it.:

(notice ticking the Storage tickbox)
If you need other cache providers you can check here:

or of course, other vendors that provide caches.

Hope that helps!

1 Like

I thought that was for cfml sessions only. Is that not the case? We are using JEE sessions because cfml sessions raise issues in pentests.

Ahh true. Not sure what issues they raise? But regardless, I have had (historically) issues with serializing sessions in servlet containers. Hence using CFML sessions.

Yup. Sounds a familiar problem on Lucee: if you want clustered sessions they have to be cfml. Not complaining, of course! Just how it as at the moment. Redisson is a general Tomcat solution but it seems to not work with Lucee. Is a context/class loader issue I cant resolve.


Created my own shared sessions that use the onSessionStart create my own sessionid and then use mongodb.

Do you have any info on that? Did you add your own cookie? Did you also have the cfml session cookies enabled or JEE? What did you do with the old cookies, just expire them? When the request hit server 2 and server 2 decided “i dont know what this session is, I will start a new one” how did you access the existing unrecognised session id? Any more deets very welcome :slight_smile:


Ok I have something working POC. Is not great as the JSESSION is basically ignored, so lucee starts a new one every time, but I have session data centralised and being shared across servers.

Any info you can share about your implementation would be great but thanks for the tip :star: I may have to fall back to this if a redisson guru doesn’t show me the light :laughing:

which exact Lucee version? there were some jsession fixes in 5.3.9 relating to onSessionEnd

I dont think so , a number other session providers seems to have this issue. If it is solvable I would love to know too! I battled a lot a while back with this and there was a whole thread about using different serialziers (like JSON serializers) but of course this would mean a bit of a re-write.