[Web-SIG] Session interface

Ian Bicking ianb at colorstudy.com
Tue Aug 16 19:02:12 CEST 2005

Phillip J. Eby wrote:
>> Session:
>>    An instance of this represents one user/browser's session.
>> SessionStore:
>>    An instance of this represents the persistence mechanism.  This
>>    is a functional component, not embodying any policy.
>> SessionManager:
>>    This is a container for sessions, and uses a SessionStore.  This
>>    contains all the policy for loading, saving, locking, expiring
>>    sessions.
> Which of these is responsible for managing client-side state?  (i.e. 
> cookie reading, setting, expiration, and refresh?)

SessionManager is responsible for expiration.  I'm not sure what you are 
thinking of for refresh.  Updating last-accessed time?  That would be 
the SessionManager as well.  Cookies are not handled at all by these 
objects -- that's one of those boring details I think is best left to 
library users (frameworks, services, middleware), or put in another object.

Ian Bicking  /  ianb at colorstudy.com  /  http://blog.ianbicking.org

More information about the Web-SIG mailing list