Best Practice in Managing HTTP-Based Client Sessions

摘要

Most organizations now have substantial investments in their online Internet presences. For major financial institutions and retailers, the Internet provides both a cost effective means of presenting their offerings to customers, and a method of delivering a personalised 24/7 presence. In almost all cases, the preferred method of delivering these services is over common HTTP. Due to limitations within the protocol, there is no in-built facility to identify or track a particular customer (or session) uniquely within an application. Thus the connection between the customer's Web browser and the organisation's Web service is commonly referred to as being "stateless". Because of this, organizations have been forced to adopt custom methods of managing client sessions if they wish to maintain state.