Re: Going sessionless (and cookie limitations)



I think you end up spending a great deal more time solving the
cookieless problem than you would if you used a load balancer which
maintained sticky sessions.

The sticky sessions will ensure the same web user reaches the same
server in the web farm so they reconnect with the same session. You
will not have to deal with additional database load because your
sessions are local to each machine in the web farm, not shared with a
central database.

Most decent load balancer hardware supports sticky sessions.

After attempting to force ASP.NET applications to survive in a
cookieless mode, I learned it is best to avoid it whenever possible.

Brennan Stehling
http://brennan.offwhite.net/blog/

Jon Davis wrote:
Does anyone know of a best practices or common practices article URL for
implementing a sessionless web farm while still managing user logins, etc.?

I just got hired by a company that told me their web site is sessionless to
cut down on the overhead of using SQL Server or a state server to host
session state information. I've been scratching my head to try to figure out
what the ramifications are, and what methodologies could be used to retain
common functionality such as user login support without imposing a security
risk.

I'm assuming cookies are used for the entire "session" but then my question
becomes what limitations still exist for cookies? Don't they support only a
very, VERY small name/value size and a very small record count?

Jon
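
As an added illustration, not part of either post and not code from ASP.NET: one common way to keep logins working without server-side session state is to put a signed, expiring token in the cookie, so any node in the farm can verify it with no shared store. The sketch below is in Python, and the cookie name `auth`, the key and the field names are assumptions. The 4096-byte check reflects the per-cookie size (name, value and attributes together) that RFC 6265 says browsers should support at minimum.

```python
import base64, hashlib, hmac, json, time

COOKIE_LIMIT = 4096  # per-cookie size RFC 6265 asks browsers to support at minimum
SECRET = b"constructed-demo-key-shared-by-all-farm-nodes"  # placeholder; load from protected config

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(user, roles, ttl=1200, now=None):
    """Build a signed, expiring login cookie value that any farm node can verify."""
    now = time.time() if now is None else now
    claims = {"u": user, "r": roles, "exp": int(now) + ttl}
    body = b64e(json.dumps(claims).encode())
    sig = b64e(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())
    value = body + "." + sig
    # Cookies are small: store identifiers only, never bulky per-user state.
    if len("auth=" + value) > COOKIE_LIMIT:
        raise ValueError("cookie too large; keep only identifiers in it")
    return value

def verify(value, now=None):
    """Return the claims dict, or None if the value is forged, malformed or expired."""
    now = time.time() if now is None else now
    try:
        body, sig = value.split(".")
        expected = hmac.new(SECRET, body.encode(), hashlib.sha256).digest()
        # Constant-time comparison so the check does not leak signature bytes.
        if not hmac.compare_digest(expected, b64d(sig)):
            return None
        claims = json.loads(b64d(body))
    except (ValueError, TypeError):
        return None
    return claims if claims.get("exp", 0) > now else None
```

The token is signed, not encrypted, so the client can read its contents; it should carry nothing secret and be sent only over TLS with the `Secure` and `HttpOnly` cookie attributes.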
