Member-only story
Session Management: Issues and their Testing
What is Session:
As the name indicates, “Sessions” maintains the state of user interaction with the server. So in an application, It starts when the user logs into the application and ends when the user logs out from the application. Since HTTP is a stateless protocol and the server is not able to manage the identity of the user, the sessions are used to identify the user on the server.
What is the need of the session?
It not only maintains the time but also the activities which users did on the website or on the network. As we all know HTTP is stateless protocol so in order to maintain the user session , the things should have to be maintained on the bother sides(user and the server) the user includes the session identifier in each and every request which is being sent to the server, and the server verifies that identifier from its stored identifiers.
So whenever a user logs into an application that application assigns a session id to the individual user, that session id can you used to maintain the identity of the user on the server.
