session consistency solutions

More welcome attention to micro-channel public number: engineer Xiaohui whole dish. No reply to the public keyword, receive free learning materials.

What is a session?

The server creates a session for each user, to store information about users, so that repeated requests to be able to locate the same context, this information is session. In this way, when users jump between Web page application, session variables are stored in the object will not be lost, but always exist throughout the user session.

session complements the stateless http protocol to achieve the purpose of maintaining state

What is a session consistency?

Assume that the user login session contains all the information recorded on the first server, if the reverse proxy to route requests to another server, you may not find the relevant information, which led to the user needs to log in again.


1. The client saved cookie


    The server does not need to store


    Every http request carries session, accounting for network bandwidth

    Data stored on the client, and network transmission, there is a leak, tampering safety hazards

    The size of the data stored by the session cookie limit

As the technology evolves, client information stored cookie appeared full amount cookie, cookie store sessionId and JWT in three ways, their different strengths and weaknesses, you can click the author of another blog View related presentations

Three Musketeers quickly learn session management cookie, session and JWT

2. session replication method

  • Ideas:
                Each synchronization session between a plurality of server, contains all of the session between the server so that each

  • advantage:

    Only need to set the configuration, the application does not need to modify the code


    session synchronous data to be transmitted, the occupied bandwidth of the network, there is a delay

    All server contains all the session data, limit the amount of data subject to sever the smallest memory, the ability to expand the level of poor

3. session storage center

  • Ideas:
                The session is stored in the server back-end centralized cache

  • advantage:

    No security risk

    Level can be extended to support cache cluster or horizontal expansion


    It adds a network call

    You need to modify the application code

4. session session blocking

session session adhesions: English original word for “Sticky Sessions”

  • Ideas:
                Reverse proxy layer allows a user with a request to ensure that it falls on a single server?

  • Method a: four agents hash. Reverse proxy layer uses the user to do the hash ip, ip to ensure that the same request falls on the same Server (Recommended more, to ensure that the transport layer is not introduced into the service logic layer)

  • Method two: seven proxy hash. Reverse proxy use of certain business property http protocol do hash, for example, can be more flexible implementation strategies hash sid, city_id, user_id, so as to ensure the same browser user’s request falls on the same server

  • advantage:

    Nginx only need to change the configuration, without modifying application code

    Server can support the level of expansion


    Extended server level, session redistribution after rehash, some users will not correct routing of session

    Even if a uniform hash hash, can not guarantee a uniform load server

More welcome attention to micro-channel public number: engineer Xiaohui whole dish. No reply to the public keyword, receive free learning materials.

Leave a Reply