i've been trying avoid using sessions. i've used spring security or other ways of having user logged in application, suppose major use case using sessions.
but other use cases ? please make list of important ones ? how come i've been able develop complicated applications without using sessions?
is because i'm using spring-mvc , using sessions practically not needed except login stuff ?
edit: guys question asking use cases... of answers explains sessions for. if summarize usecases, can sure, when use database or sessions maintaining conversation state... don't remember concrete scenarios needed sessions for? past years :)
for instance conversational state may become persistent after point / event. in case i'm using database beginning.
i think can want without storing on sessions.
i use sessions avoid having pass state between client , server (used id example) and when don't want send sensitive information client (even in encrypted form) might security problem.
other ways of avoiding using session are: * store state on database, e.g. shopping carts, instead of in session, if cart discarded after amount of time. * store state in cookies e.g. user customization
one use case when it's useful use session conversations, although frameworks manage behind scenes, , store conversation in session.
edit
converstions (in understanding) wizards, in complete several forms in different pages , @ end perform action. e.g. checkout process, user entes details, shipping address , credit card details in different pages, want submit order @ end, without storing intermediate state in db.
by sensitive information mean, imagine in previous example, once user sent credit card details, shouldn't return information in format (even encrypted) user. know it's bit paranoid, that's security :).
Comments
Post a Comment