DEV Community

Jihao Deng
Jihao Deng

Posted on

DA07 Sessions

本篇主要讲Session,这个并不是web里面用到的session,而是一个更宽泛的概念。

What is Session?

Session is the state of an application during the time a user is interacting with it.

Session is temperary data that is useful only during the time a user is interaction with the application.

Web service是stateless的,但是我们的应用需要是stateful的,这里就会用到session。但是对于一个server,可能会与大量的client链接,每一个client都会发送请求,这会使server需要存储大量的数据来保持stateful。所以,我们有不同的session:

  • client session state
  • server session state
  • database session state

Client Session State

Store session state on the client.

一共有三种实现方法(或者说以下三种都是client session):

  • URL parameters,does not scale well
  • hidden fields,比如隐藏的标签。This data is sent in serialised form.
  • cookies,

Pros and Cons

Pros

  • Resilience: server failures 不会对其造成影响;
  • Clustering: works well with server clusters

Cons

  • Scalability: 不适合数据量较大的情况,因为所有的数据都会在请求中发送给server
  • Security:不安全,因为涉及到传输数据

Server Session State

Keep the session state on the server system in a serialised form. 数据加存储在server的内存中。

实现的方法是:server maintain a map of objects indexed by the session ID.

Pros and Cons

Pros

  • 简单易于实现

Cons

  • Clustering:如果server是分布式的,那么会需要考虑一致性的问题

Database Session State

Store session data as committed data in the database.

Session state is maintained in the database based on the session ID.

实现的方法可以是在表中加一个字段,或者再创建一个表

Pros and Cons

Pros

  • 避免了分布式server带来的一致性问题

Cons

  • 性能不好
  • 难以实现

Top comments (0)