The toolkit uses the following two approaches to handle session identification in an HTTP environment:
▪ Cookies
▪ Embedded identifiers
Mechanisms are provide to exploit the benefits of each of these approaches in order to cope with the following requirements:
▪ Maintain the communications protocol client session between client requests.
▪ Link the HTTP session to the application session information. This allows the solution to establish relationships between the client and the application working contexts.
▪ Use session persistence mechanisms to store and restore the session information in those environments where requests may be directed to different servers during the same session life cycle. This allows non-client affinity in an environment where requests are dispatched by a network dispatcher and addressed to multiple servers for load-balancing purposes.
No matter which session identification approach is used, it is the application's responsibility to perform the tasks required to meet its requirements. The toolkit does not provide fixed or default mechanisms to do these tasks because these are dependent on the specific solution environment. However, a set of infrastructure mechanisms are provided, and these are described in the remainder of this section.