tags:

views:

174

answers:

1
+6  Q: 

How is HttpSession implemented?

I just finished taking a final exam on web applications. Capping off what had been a rather easy (albeit lengthy - 12 pages) exam was a question asking us to code an implementation of sessions, similar to that done by javax.http.HttpSession.

I hate to admit, it stumped me. I cranked out a rather BS implemetation using a HashMap and did some craziness with a random cookie string mapping to a serialized HashMap on the server, but I'm pretty sure it's bogus...and now I'm dying to know how it's actually done.

Particularly as someone who has used PHP extensively but for whatever reason never bothered to learn the magic behind the convenience, I'm very interested to learn more about the underlying implementations of sessions. J2EE and PHP for sure, but any other languages/frameworks are great, too. Thanks!

+6  A: 

From my understanding - you're close.

From my understanding a cookie with what is essentially an MD5 "ID" is saved on the client side and delivered via cookie or modified GET.

On the server side the "session" data with matched sessionID is saved in a temp file (on Linux it is defaulted to /tmp). The session directory I believe can be set in the PHP.ini file.

ChronoFish  2009-12-11 00:48:45
+1, very concise summary. In PHP you can also implement your own session control handlers very easily, in case you want to use a database or other source for your session data. Essentially, a session is just a unique set of data with a few methods to interact with it (save, update, delete), and the data is tied to a user via a small identifiable token, ie. a cookie or GET parameter.
zombat  2009-12-11 00:55:54
It's probably worth calling out that the names of the cookies are JSESSIONID and PHPSESSIONID respectively. They also don't need to necessarily be cookies. They can be part of the URL like ;jsessionid=<id> or ;phpsessionid=<id>.
Taylor Leese  2009-12-11 01:03:56
A good way to understand the HTTP side of sessions is something like HTTP headers: https://addons.mozilla.org/en-US/firefox/addon/3829
Taylor Leese  2009-12-11 01:06:42

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases