1. Field of the Art
Generally, the present application relates to data processing. Specifically, the application is related to hybrid client-side/server-side session storage for tracking users on enterprise software networks in which a session can be transformed from a client-side, cookie based session into a server-side session object.
2. Discussion of the Related Art
Single Sign-On (SSO) user sessions maintained on a server side of an enterprise software system offer flexibility to support various integrations that require session validation at the server. A server-side session can be accessed from the server side, and session management operations like session sniping, limiting the number of session per users, and enumerating sessions created by a user can be performed using an access manager user interface (UI) behind the enterprise software system's firewall. One drawback of sessions maintained at the server side are the scalability issues in maintaining the whole set of concurrent sessions in server. That is, a large number of users become unwieldy for a server to manage.
The alternative, cookie-based sessions, can support more concurrent sessions because adding new sessions will not require server side resources. Any server in the cluster can accept and work with the cookie provided by the browser. But this approach has the disadvantage that server side session validations typically cannot be done without the presence of the cookie (or something akin to a cookie). Purely cookie-based solutions make the server stateless so that the server does not remember any particular user between requests to the web server. Furthermore, cookie size limitations on browsers and limitations on existing mobile agents may not be able to handle the extra data required for some enterprise network implementations.
There is a need in the art for more efficient user tracking in enterprise applications.