Logging on to a website. | Visiting a website |
Using an API with a key. | Connecting to a remote server. |
Playing a video game that involves an online connection. | Signing in to a mobile app. |
Opening a mobile app. | Joining a video conference. |
Connecting to a database. | Opening a streaming media app on your television. |
Session Expiry
Sessions are perishable meaning that they expire if they aren't used. Using a session typically extends its life but a maximum duration on a session may also be enforced. Sessions may also be destroyed under other conditions such as the reboot of a server.Session Data
In many cases, services may store data in a session. This approach tends to be associated with simplistic designs that don't access a database. In the context of complex systems software, storing data in a session may be considered a poor design practice.Session Management
Sessions management is a term for the secure implementation of sessions. This includes authenticating sessions and cryptographic measures to prevent sessions from being stolen.Stateless Sessions
The primary purpose of sessions is to provide state so that every request to a service doesn't need to begin from the start again. However, in some cases sessions are implemented as stateless objects that only survive for the duration of a request. Stateless sessions are typically used to hold data for request processing.| Overview: Session | ||
Type | ||
Definition (1) | A perishable object that is used to manage information technology services and communications. | |
Definition (2) | An object used to authenticate requests and store data over multiple requests to a service by a user or entity. | |
Value | Sessions are used to implement security models whereby users or other entities only need to be authenticated once. A session is created and users or entities pass in session credentials to authenticate for subsequent requests.Sessions may also be used to store data temporarily. | |
Related Concepts | ||
