[nycphp-talk] sessions and load balancing
George Schlossnagle
george at omniti.com
Mon Nov 8 15:46:51 EST 2004
On Nov 8, 2004, at 3:46 PM, Dan Cech wrote:
> Matthew Terenzio wrote:
>> On Nov 8, 2004, at 3:15 PM, Adam Maccabee Trachtenberg wrote:
>>> On Mon, 8 Nov 2004, Matthew Terenzio wrote:
>>>
>>>> For applications using sessions, what are some strategies for being
>>>> able to scale to a multiple box level?
>>>
>>> * Store session on client (cookies)
>> Will forcing sessions to use cookies solve the problem completely.
>> Can you think of any issues that might arise?
>> Forgive me for asking before I look, but it seems like a DB backed
>> session solution would be a great PEAR project.
>
> I think what Adam was referring to was storing the actual session
> content in a cookie, rather than just the session_id.
>
> This can work provided your session data is small, and you don't ever
> trust it any more than any other data provided by the user.
You can encrypt or sign it as well, reducing a users ability to inspect
or (successfully) tamper with the cookies contents.
George
More information about the talk
mailing list