Session (computer science)

In computer science, and networking in particular, a session is a time-delimited two-way link, a practical (relatively high) layer in the TCP/IP protocol suite, enabling interactive expression and information exchange between two or more communication devices or ends, be they computers, automated systems, or live active users (see login session).

Protocol version HTTP/1.1 improved this by completing the Common Gateway Interface (CGI), making it easier to maintain the Web Session and supporting HTTP cookies and file uploads.

The session ID is embedded within the or links of dynamic web pages so that it is passed back to the CGI.

The load-balancing problem can be solved by using shared storage or by applying forced peering between each client and a single server in the cluster, although this can compromise system efficiency and load distribution.

Client-side sessions use cookies and cryptographic techniques to maintain state without storing as much data on the server.

In essence, client-side sessions trade server disk space for the extra bandwidth that each web request will require.
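The scheme described above, as an added example that is not part of the original article: a minimal client-side session cookie in Python, with the state serialized into the cookie and protected by an HMAC-SHA256 tag. The key, function names and sample state are assumptions made for illustration; the payload is signed but not encrypted, so the client can still read it.

```python
import base64, hashlib, hmac, json, time

# Assumption: a constructed demo key. A real key is random and kept only on the server.
SECRET_KEY = b"constructed-demo-key-not-for-production"

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload, key):
    return hmac.new(key, payload, hashlib.sha256).digest()

def issue_cookie(state, ttl, key=SECRET_KEY, now=None):
    """Serialize the state with an expiry time and append an HMAC-SHA256 tag."""
    now = time.time() if now is None else now
    body = json.dumps({"exp": int(now) + ttl, "state": state},
                      sort_keys=True, separators=(",", ":")).encode()
    return b64e(body) + "." + b64e(sign(body, key))

def read_cookie(cookie, key=SECRET_KEY, now=None):
    """Return the state dict, or None if the cookie is malformed, forged or expired."""
    now = time.time() if now is None else now
    try:
        body_part, tag_part = cookie.split(".")
        body, tag = b64d(body_part), b64d(tag_part)
    except (ValueError, TypeError):
        return None
    # Verify the tag in constant time before parsing anything the client sent.
    if not hmac.compare_digest(tag, sign(body, key)):
        return None
    data = json.loads(body)
    if data["exp"] <= now:
        return None
    return data["state"]

if __name__ == "__main__":
    cookie = issue_cookie({"user": "alice", "cart": [3, 7]}, ttl=600)  # constructed state
    print(len(cookie), "bytes sent with every request:", cookie)
    print("verified state:", read_cookie(cookie))
    body, tag = cookie.split(".")
    forged = b64e(b64d(body).replace(b"alice", b"admin")) + "." + tag
    print("tampered cookie:", read_cookie(forged))
```

The server stores nothing per session except the key, and the whole state travels in the cookie on every request, which is the bandwidth cost the text describes.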

Typical session management tasks in a desktop environment include keeping track of which applications are open and which documents each application has opened, so that the same state can be restored when the user logs out and logs in later.

Session management is particularly useful in a web browser where a user can save all open pages and settings and restore them at a later date or on a different computer (see data portability).

To help recover from a system or application crash, pages and settings can also be restored on next run.

Google Chrome, Mozilla Firefox, Internet Explorer, OmniWeb and Opera are examples of web browsers that support session management.

If session information is considered transient, volatile data that is not required for non-repudiation of transactions and does not contain data that is subject to compliance auditing, then any method of storing session information can be used. (In the U.S., for example, the Health Insurance Portability and Accountability Act and the Sarbanes–Oxley Act are two laws that necessitate compliance auditing.)

In a service-oriented architecture, Simple Object Access Protocol (SOAP) messages constructed with Extensible Markup Language (XML) can be used by consumer applications to cause web servers to create sessions.

The development of interactive enterprise applications required session management, but because SMS is a stateless protocol as defined by the GSM standards,[4] early implementations were controlled client-side by having the end-users enter commands and service identifiers manually.