Many titles that are reserved for user Session verification during development are interesting and summarize several plans for reference only. [Title proposal] in order to meet the needs of large enough customers, we set up N Web servers
Many titles that are reserved for user Session verification during development are interesting and summarize several plans for reference only.
[Title proposal]
To meet the needs of a large enough scale to meet more customers, we set up N Web servers (N> = 2). when multiple Web servers are deployed, we will refer to a title: After a user logs on to a server, if the user can continue to apply the user's Session when crossing to another server?
(The following plan is only for the development architecture of Linux/Unix Apache Mysql PHP. of course, it can be expanded to other platforms .)
[Title solution plan]
Since our title is already present, we need to solve the title from the technical point of view, give our customers a better experience, and summarize several plans.
1. method for writing client cookies
After a user logs in successfully, the website domain name, user name, password, token, and session validity are all written into the client's cookie, if a user switches from a Web server to another server, our program actively checks the customer's cookie information and then provides the corresponding service. of course, if the cookie expires, otherwise, the service will not be sustained. Of course, the disadvantages of this method can be ignored. for example, if the client disables cookies or the cookies are stolen by hackers, how can this problem be solved?
2. method of Session data synchronization between servers
Assume that Web server A is the server that all users log on to. when the user authenticates to log on, the session data will be written to server, you can write scripts or daemon to synchronize session data to other Web servers. when the user jumps to another server, the session data is consistent, naturally, you can directly perform services without having to log on again. The problem is that it may be slow and unstable. if it is unidirectional synchronization, the login server will display the title, and other servers will not be able to provide services. of course, you can also consider the title of bidirectional synchronization.
3. using NFS to share Session data
This plan is similar to the following Mysql plan, but the storage method is different. Generally, a public Network File Server is used as a shared Server. when all Web servers log on, session data is written to this Server, all session data is actually retained on this NFS server. no matter the user visits the too-Web server, they will come to this server to obtain session data, then the session data can be shared. The problem is that the dependency is too strong. if the NFS server is down, then everyone cannot work. of course, you can consider the situation of synchronizing multiple NFS servers.
(Classic article about NFS: http://linux.vbird.org/linux_server/0330nfs.php)
4. Using the Mysql database to share Session data
This method is similar to the NFS method. It also uses a Mysql server as a shared server to keep all session data on the Mysql server, all Web servers use this Mysql server to obtain Session data. The problem is that the dependency is too strong. Mysql cannot work and affects all Web servers. of course, you can consider too many Mysql databases to share sessions and apply the method of synchronizing Mysql data.