Various application servers have emerged as a result of the development of computer networks. From a historical view point, Web application servers evolved from various middleware products and techniques. A Web application server (or application server for short) is a distributed middleware software implementation product, and functions as an interface that connects with various kinds of clients on one end and various kinds of back-end system resources on the other end. It is in charge of managing clients' requests, providing a host environment for business logics, connecting with data, transaction, directory and other back-end computing resources. In general, the HTTP protocol is used to transmit data between clients and the application server. The HTTP protocol is a stateless protocol; that is, the application server treats every access to a page as unrelated to one another, and does not retain any information about the previous access, even if this access occurred just a few seconds ago. Therefore, the application server does not know any information about the previous accesses from the same client.
Accordingly, to remedy this drawback of the HTTP protocol, a session manager is typically used in the application server to manage all session state information. The session manager, like a Hashtable, produces a unique identifier, referred to as a session ID, for every new session, and uses these session IDs as the keys for saving all the session state information. During a client's access to the application server, the session manager will maintain the session state information. At the same time, the session ID will also be saved in the client's browser in the form of a cookie.
Session state information may typically be saved in the memory, files or a database of the application server, hence there are three session management mechanisms: memory-based session management, file-based session management, and database-based session management.
The memory-based session management is a mechanism with the fastest operation speed, and typically allocates a shared memory region in the memory of the application server specially where session state information can be accessed quickly. This mechanism poses high requirements on the system configurations of the application server, the system resources being required to bear high access traffic, otherwise, not only the access speed can not be increased, but contrarily the server would be overloaded due to the insufficiency of system resources.
The file-based session management is the most widely-used mechanism, in which session state information is typically stored in the hard disk of the application server in the form of text files. This mechanism is readily implemented, and the requirement on the system configuration of the server is not high, but the files storing session state information lack logic relations between them, and when concurrent access traffic is large, the number of the session management files will increase rapidly, not only greatly increasing the difficulty in designing the session management mechanism, but also accordingly impacting on the speed of accessing the session information.
The database-based session management is a mechanism that can be most easily extended, and requires the application server to have the support of a network database system, wherein session state information is all stored in the network database, and under the support of the database system, the session management can leverage fully the transaction processing, secure access, data integrity check and other mechanisms of the database to manage all session state information efficiently.
The adoption of the session management technique not only solves the problem of accessing session state information, but also greatly facilitates the development of applications for applications servers.
But, whichever session management mechanism is used, when users need to establish many or large session objects, a large amount of memory space of the application server often is occupied. And especially in a session affinity and persistence enabled or heavy-load environment, the performance and capability of the application server can be greatly decreased. Large objects' serialization/de-serialization and I/O will become a bottleneck of the application server.
Therefore, there is a need for a technique that can effectively ease the burden of users' session state information on the system.