Return to home page.
Member Control PanelWeb Mail LoginFAQ SupportHelp Desk
COMPANY       SERVICES      HOSTING       SUPPORT       PARTNER PROGRAMS       SIGN UP       DOMAIN NAMES  

 
Personal / Family Hosting
personal / family
With hosting plans starting at $1.95, it's never been easier to setup and maintain affordable personal web pages or family web sites.
More
Business / Managed Hosting
Business / Managed
Plans starting at $6.95, help businesses save money and receive value-add features like unlimited email accounts, domain hosting and the flexibility to add services on demand as needed.
Co-Located / Dedicated Servers
Co-Location / Dedicated
Starting at $49.95, our managed hosting plans offers competitive service features at a great value. Attractive co-location servicesstart at $100.

Sessions

HTTP being a stateless protocol, makes it possible for users to browse web pages in any order using hyperlinks. This stateless nature is acceptable for simple applications such as browsing, searching for content. However, in a more complex environment or application such as online shopping, checking email, cases where user authentication is required, one needs to keep a track of the user and allow the users actions to be stored somewhere. A user checking his/her email needs to be authenticated before being able to gain access to his/her email. One cannot directly call the email URL and read the email without following the proper procedure.

While cookies are ways to store the user information, client side session variables are ways to store or track the user information server side. Like cookies, sessions too have their time limitations depending on the nature of the application and the programmer.

Session is a way to identify and manage the state for a particular user using session variables. Whenever a user starts browsing a sessions enabled site, a session identifier is alloted to the client. Each time the client makes a request to the server, the session identifier is passed along with it and the server actions or responses are in the context of this session identifier.

Depending on the user's actions (such as closing the browser or logging out) or expiration of a time limit (as predetermined by the administrator) the sessions times out or is no longer valid. Future requests will have a new session identifier alloted to it.

When Sessions are important:

In web database applications, sessions are useful tools in helping control user interaction. They are also used to reduce server processing.

Performance:

In a stateless environment, an application may need to repeat a costly operation again and again which require calling many libraries and frequent interactions with the database. An application using a session variable to remember the result helps save on those repetitive but costly operations.

Order of Interaction:

An application such as a web based email client or a shopping site needs to present the pages to the browsers in an ordered and controlled manner. Only after being able to identify oneself or selecting items in a shopping cart can a user check his/her email or pay for the items selected. This can be controlled using sessions. If a user tries to access the email inbox directly without passing through the intermediate login page, the server will not recognise the page as being a legitimate request as no valid session variable would accompany the request. The server would then reject the request and redirect the user the login page or the error page.

Intermediate results:

In order to prevent incorrect data to be stored in the database, many database applications validate data before doing the final insert or update. Sessions help in maintaining this data in the middle tier allowing user to edit the data if and when errors are detected. In a shopping cart, a user may select many items and finally order only some at the final checkout. Sessions makes it possible for a user to do so easily and without having to do through a lengthy process of canceling orders.

Personalization of websites can be achieved using sessions. A website may allow users to store their preferences for browsing the website, such as the categories visible, colors, layout etc.

 

When not to use sessions:

While sessions are great for applications that demand an ordered and controlled movement of users, they are not useful in some cases.

Sessions need to be stored centrally. As http requests tend to be processed in the context of the session variable, it is not possible to distribute the content or data across multiple servers in order to tackle an increased load. since different requests can go to different servers, by the same user, the browsing experience would be hampered and even compromise on the security.

Sessions put an increased load on the server in identifying the session variables, it's validity. This affects the processing time and as a result the performance of the site is affected adversely. An increase in the memory requirements of applications in order to manage session variables increases the swapping memory required. As swapping requires a disk read/write which is slow, it affects the performance.

With sessions, the administrators will have to take a call on the time limit of sessions. This can sometimes lead to a bad user experience, because a user may not really have finished browsing and a reset session will delete all user preferences selected during the course of the session.

Bookmark restrictions:

A number of sites allow users to bookmark their pages to easily return on a selected page at a later time. If sessions are implemented in such sites or such areas of sites, then the user would be taken to an intermediate page before directly being able to access the page he/she would like to visit.

Sessions also leave a security hole as it allows hijackers to take over a session after a legitimate user has finished using the site but for some reason the session did not get garbaged or expired.


Back to Tech Support Topics

 
 
site by: DWM
©2006 Web Hosting Logic