Skip to main content

What is a session, and what mechanisms are there to implement a session?

 Today we will answer 3 questions 

What is a cookie and what is the process of using a cookie?

What is a session, and what mechanisms are there to implement a session?

What is the difference between session and cookie?



What is a cookie and what is the process of using a cookie?

Since the http protocol is a stateless protocol, if the client does not have a mechanism to save the user's access state when accessing the web application through the browser, it will not be able to continuously track the operation of the application. For example, when a user adds a product to a shopping cart, the web application must save the state of the shopping cart while the user browses other products, so that the user can continue to add products to the shopping cart.

 Cookie is a caching mechanism of the browser, which can be used to maintain the session between the client and the server. Since the next question will talk about session, it should be emphasized that cookie will save the session on the client side (session is to save the session on the server side)

Here are the most common login cases to explain the cookie usage process:

First, the user initiates a login request to the server in the client browser.

After the login is successful, the server will set the login user information in a cookie and return it to the client browser. After the client browser receives the cookie request, it will save the cookie locally (It may be memory or disk, depending on the specific usage.) When the web application is accessed again in the future, the client browser will bring the local cookie with it, so that the server can obtain user information based on the cookie

 What is a session, and what mechanisms are there to implement a session?

A session is a mechanism for maintaining a session between the client and the server. But unlike cookie storing session information locally on the client, session keeps the session on the browser side.

We also use the login case as an example to explain the usage process of the session:

First, the user initiates a login request in the client browser.

After the login is successful, the server will save the user information on the server and return a unique session identifier to the client browser.

The client browser will save this unique session identifier.

When accessing the web application again in the future, the client browser will bring this unique session identifier, so that the server can find user information based on this unique identifier.

Seeing this may cause questions: return the unique session identifier to the client browser, then save it, and bring it with you when you visit later, isn't this a cookie?

 

Yes, session is just a session mechanism. In many web applications, the session mechanism is implemented through cookies. That is to say, it only uses the function of the cookie, and does not use the cookie to complete the session preservation. Contrary to the mechanism in which the cookie saves the session on the client side, the session saves the session information to the server through the function of the cookie.

Furthermore, session is a mechanism for maintaining a session between the server and the client, and it can be implemented in different ways. Take the more popular small programs as an example to illustrate the implementation of a session:

First, after the user logs in, the user log-in information needs to be saved on the server side. Here we can use redis. For example, generate a userToken for the user, then save it to redis with userId as the key and userToken as the value, and bring the userToken back to the applet when it returns.

After receiving the userToken, the applet will cache it, and bring the userToken with it every time it accesses the back-end service.

In subsequent services, the server only needs to compare the userToken brought by the applet with the userToken in redis to determine the user's login status.

What is the difference between session and cookie?

After the explanation of the above two questions, this question is very clear

1)     Cookie is a caching mechanism provided by the browser. It can be used to maintain the session between the client and the server.

2)      Session refers to a mechanism for maintaining the session between the client and the server. It can be implemented through cookies or through Realize by other means.

If a cookie is used to implement the session, the session will be saved in the client browser and the session provided by the session mechanism is saved on the server.

Labels:

Comments

Post a Comment

Popular posts from this blog

Defination of the essential properties of operating systems

Define the essential properties of the following types of operating sys-tems:  Batch  Interactive  Time sharing  Real time  Network  Parallel  Distributed  Clustered  Handheld ANSWERS: a. Batch processing:-   Jobs with similar needs are batched together and run through the computer as a group by an operator or automatic job sequencer. Performance is increased by attempting to keep CPU and I/O devices busy at all times through buffering, off-line operation, spooling, and multi-programming. Batch is good for executing large jobs that need little interaction; it can be submitted and picked up later. b. Interactive System:-   This system is composed of many short transactions where the results of the next transaction may be unpredictable. Response time needs to be short (seconds) since the user submits and waits for the result. c. Time sharing:-   This systems uses CPU scheduling and multipro-gramming to provide economical interactive use of a system. The CPU switches rapidl
Post a Comment
Read more

What is a Fair lock in multithreading?

  Photo by  João Jesus  from  Pexels In Java, there is a class ReentrantLock that is used for implementing Fair lock. This class accepts optional parameter fairness.  When fairness is set to true, the RenentrantLock will give access to the longest waiting thread.  The most popular use of Fair lock is in avoiding thread starvation.  Since longest waiting threads are always given priority in case of contention, no thread can starve.  The downside of Fair lock is the low throughput of the program.  Since low priority or slow threads are getting locks multiple times, it leads to slower execution of a program. The only exception to a Fair lock is tryLock() method of ReentrantLock.  This method does not honor the value of the fairness parameter.
Post a Comment
Read more

How do clustered systems differ from multiprocessor systems? What is required for two machines belonging to a cluster to cooperate to provide a highly available service?

 How do clustered systems differ from multiprocessor systems? What is required for two machines belonging to a cluster to cooperate to provide a highly available service? Answer: Clustered systems are typically constructed by combining multiple computers into a single system to perform a computational task distributed across the cluster. Multiprocessor systems on the other hand could be a single physical entity comprising of multiple CPUs. A clustered system is less tightly coupled than a multiprocessor system. Clustered systems communicate using messages, while processors in a multiprocessor system could communicate using shared memory. In order for two machines to provide a highly available service, the state on the two machines should be replicated and should be consistently updated. When one of the machines fails, the other could then take‐over the functionality of the failed machine. Some computer systems do not provide a privileged mode of operation in hardware. Is it possible t
Post a Comment
Read more