How is SESSION implemented on the server (PHP/JAVA?

Generally, session can be implemented based on cookies, which is mainly from the client perspective. I want to know the storage status on the server. Sessions are stored in the memory. in the JavaPHP background, what is the lifecycle of object variables in a webpage request (JSPPHP, how does a SESSION-related object variable be stored in the memory for a long time without being destroyed? PS: We usually say that the session can be implemented based on cookies. this is mainly from the client perspective. I want to know the storage status on the server. Sessions are stored in the memory. in the Java/PHP background, what is the lifecycle of objects/variables in a webpage request (JSP/PHP, how does a SESSION-related object/variable be stored in the memory for a long time without being destroyed?
PS: WAF reply content: if the session is used in the first request of the client, the server uses a header item such as Set-Cookie in the response header, write sessionId back to the cookie of the browser. this Cookie is also called SessionCookie, which is cleared after the entire browser is closed. When a request is sent again, the request header sent by the browser contains a cookie header, namely, the sessionId you just wrote. when you reach the server again, according to this sessionId, the session created for the request is configured, so that all information saved with this sessionId is saved.
The default timeout value for this session on the server is 30 minutes, which means the session is cleared if it is not used for 30 minutes. If you have been using it all the time, it will be updated every time and will not be cleared at 30 points.
As for the existence of a session, it is only a specific implementation form. for example, to achieve high session availability, the session may be stored in Memcache or Redis, and even data may exist, the access is consistent. Session is divided into two parts: storage and transmission. In general, the storage is stored in the cache Directory (tmp) in the form of files, and can be modified into multiple forms, such as memcache storage. In terms of transmission, it is generally transmitted through the cookie of the session life cycle. when the session ends, the cookie is gone, so the session is gone. In fact, the session on the server still exists. Of course, the transfer can also be changed to another method. for example, if the app interface cannot be passed using cookies, the get or post method will be used to pass the session_id. after understanding the session principle, the interface is very convenient. Laxatives

Session cookie is a type of cookie. a cookie is stored in a browser, and the server does not necessarily need the corresponding storage.

The server has a stored session, which generally refers to the session id. the client can be maintained through cookies or other methods. the server maps session data to the user session based on the session id, the data is stored on the server, and only the session id is passed during transmission.

There are many types of storage on the server, including file-based storage, application memory storage, relational database storage, and NoSQL storage.

The answer is abstract, but as with many technical questions, a term must be clearly described and other terms must be used to be rigorous. For more information, see the following link.

Https://en.m.wikipedia.org/wiki/HTTP_cookie

Https://en.m.wikipedia.org/wiki/Session_ID Java implementation, according to the servlet specification, put a JSESSIONID in the cookie
Tomcat has a SessionManager, which is basically Session = map. get ("JSESSIONID ");
Then the session has an expiration mechanism.
For more information, see the tomcat code. The browser's php program directory contains the file to save the session information, and the file stream is also the default way for php to save the session. At present, high-concurrency websites like Baidu generally use memcache or other more advanced techniques to store session data.
The session on the server uses session_id, which is similar to the foreign key of the database, to contact the PHPSESSION field in the client cookie. Sessions are stored on both the server and browser.

Similar to bank withdrawal
The session_id stored in the browser is similar to the bank card number.
The server stores your session information.

When the browser accesses the server, it will bring this number to the browser. The server extracts the corresponding information based on this number, so session_id is very important and may be used by criminals.
So sometimes when you pay for something, you still need to verify it.

If you close the browser, the server will not lose this information, but the next time you open the browser, the session_id generated is different from the last one.

Will the information be permanently saved?
No, the information will expire, and the expired server will discard the information, so after a while, even if you haven't closed your browser, you have to log on again. Just like the loss of bank database information, it's useless if you have a card.

The loss time varies depending on the server configuration.

The above is the logic implementation method of java tomcat server