A solution for sharing sessions among multiple Web servers. Many issues related to user Session verification are reserved during development. this issue is interesting and summarizes several solutions for your reference only. [Question proposal] in order to meet the reserved Session verification problems in many development applications, this problem is interesting. several solutions are summarized for reference only.
[Question]
To meet the needs of large enough applications and more customers, we set up N Web servers (N> = 2). when multiple Web servers exist, we will have a problem: After a user logs on to a server, if the user can continue to use the client's Session when crossing to another server?
(The following solution is only for the development architecture of Linux/Unix Apache Mysql PHP. of course, it can be extended to other platforms .)
[Problem solution]
Since our problems are already in front of us, we need to solve the problems from a technical perspective, give our customers a better experience, and summarize several solutions.
1. client Cookie writing method
After a user logs on to the client, the website domain name, user name, password, token, and session validity period are all written into the client's cookie in the form of cookies, when a user switches from a Web server to another server, our program actively checks the cookie information of the client and then provides the corresponding service. of course, if the cookie expires, or it is invalid, so users are not allowed to continue the service. Of course, the disadvantages of this method are self-evident. for example, if the client disables cookies or the cookies are stolen by hackers?
2. Session data synchronization between servers
Assume that Web server A is the server that all users log on to. when the user authenticates to log on, the session data will be written to server, you can write scripts or daemon to automatically synchronize session data to other Web servers. when the user jumps to another server, the session data is consistent, naturally, you can directly perform services without having to log on again. The disadvantage is that it may be slow and unstable. if one-way synchronization occurs, login to the server may fail, and other servers will not be able to provide services. of course, you can also consider the problem of two-way synchronization.
3. using NFS to share Session data
In fact, this solution is similar to the following Mysql solution, but the storage method is different. Generally, a public Network File Server is used as a shared Server. when all Web servers log on, session data is written to this Server, all session data is actually stored on the NFS server. no matter whether the user accesses the too-Web server, he/she must come to the server to obtain session data, then the session data can be shared. The disadvantage is that the dependency is too strong. if the NFS server is down, everyone will not be able to work. of course, you can consider synchronizing multiple NFS servers.
(Classic article about NFS: http://linux.vbird.org/linux_server/0330nfs.php)
Bytes. [Question proposal] to meet the needs of large enough applications...