I have my backend in JAVA and website is hosted on AWS server(2 or more). What is the best possible way to handle a user session on my website?
Looked into HTTPSession
but the drawback with it is that session of one server will not have same attributes as session of another server.
So What is the best solution for handling a user session?
P.S.: I am using Struts2.
There are two main approaches to dealing with session state when you have multiple app servers that can handle requests:
Have your load balancer implement "sticky" sessions. Here, the load balancer sends all requests from the same client to the same app server. The session is maintained locally there and everything works as if there were only one app server. When an app server goes down, all sessions that were sticky to that server are lost.
Have a common session store that is available to all app servers. When an app server receives a request, it grabs the session state from the session store and when it is done modifying the session state for that request, it writes it back to the store. The session store might be a shared database or perhaps an in-memory cache that is accessed remotely by all app servers. If an app server goes down, no sessions are lost. However, there is additional overhead on each request to read/write the session across the network.
To decide which approach to use, you will need to consider the importance of not having sessions be killed when you lose a server, session state size, etc. In my opinion, a common session store is nearly always desirable as it is operationally much easier to handle - you can always whack a server whenever you want to without killing sessions.
I will not speculate on possible choices for products available to support the implementation, as that would be purely opinion-based and off-topic for this site. Suffice to say that there are lots of good options - the particular choice that will be right for you will depend on your specific requirements and expertise.