Proposal for "HTTP_SessionServer"

» Metadata » Status
» Description

What is HTTP_SessionServer

HTTP_SessionServer is a simple PHP based daemon that helps you maintaining state between physically different hosts.

What is it good for?

It helps you doing several things:

  • share session data among different servers (e.g. when using a cluster)
  • share session data among different applications
  • share session data among different programming languages

How does it work?

HTTP_SessionServer implements a very simple protocol to store and retrieve data on the server. The storage backend is driver based, currently only a storage for the filesystem has been implemented, but you may easily change this.

How to build a client?

HTTP_SessionServer comes with a matching client implementation using Net_Socket. It should'nt be too hard to integrate this in you own session management.


Starting the server is easy, you only need to specify host, port and storage backend:


require_once 'HTTP/SessionServer.php';

$options = array(
                    'save_path' => '/tmp/session'

$server = &new HTTP_SessionServer('Filesystem', $options);
$server->service('localhost', 9090);
Using the client isn't much harder:


require_once 'HTTP/SessionServer/Client.php';

$session = &new HTTP_SessionServer_Client('localhost', 9090);

$id = $session->create();
echo "created new session with $id.\n";

echo "storing new value in key time\n";
$session->put('time', time());
echo "storing new value in key foo\n";
$session->put('foo', 'bar');

echo "get all keys from the session\n";
$keys = $session->getKeys();

echo "closing session\n";

$session2 = &new HTTP_SessionServer_Client('localhost', 9090);

$time = $session2->get('time');
if (!PEAR::isError($time)) {
    echo "getting value from key time: $time\n";    
} else {
    echo $time->getMessage()."\n";

Can I replace the session save handler for the built-in session management?

Yes, this is easily possible. All you have to do is add the following code prior to calling session_start().


require_once 'HTTP/SessionServer/SaveHandler.php';


You may now use the $_SESSION variable or session_register() as you used to. session_save_path() allows you to specify the host and port of the session server.

How does the communication look like?

HTTP_SessionServer uses a very simple protocol:

schst@rot2:schst> telnet localhost 9090
Connected to localhost.
Escape character is '^]'.
ok 1ea6d8af96ba22ed5262621bcd42841f
put foo bar
get foo
ok bar

Which commands does the server understand?

The server already knows the most important commands that are needed to store and retrieve session data:

  • new (create a new session)
  • open (open a new session)
  • close (close a session)
  • commit (change to readonly access)
  • put (store a values)
  • get (get a value)
  • remove (remove a value)
  • regenerate_id (change the session id)

Implementing you commands is really easy, you may extend HTTP_SessionServer and implement the function in PHP. HTTP_SessionServer will automatically call your new function.

What happens, when two applications try to access the same session?

HTTP_SessionServer supports different modes to open a session. When opening a session in write mode, only one client may access a session, all other applications will be blocked automatically.

When using readonly mode, any number of clients may access the same session.
You may change the mode of a session you opened in write mode to readonly using the 'commit' command.

Is it finished, yet?

There are still a lot of things left to do:

  • use locks for read-only access
  • implement lifetime and cache expire
  • implement some security features (limit to IPs)
  • more backends
  • client implementation for HTTP_Session

How to play the Lucky Jet game correctly? - Read the game's Lifehack with us!

» Dependencies » Links
  • Net_Server
  • Net_Socket (only when using the client)
  • ext/pcntl
  • ext/sockets
» Timeline » Changelog
  • First Draft: 2004-10-04
  • Proposal: 2004-10-05
  • Call for Votes: 2004-10-18
  • Stephan Schmidt
    [2004-10-15 15:09 UTC]

    Changes in v0.3.0:
    - removed HTTP_SESSIONSERVER_BASEPATH constant (requested by Alan)
    - added new commands get_all and put_all
    - added SaveHandler.php which provides an out-of-the-box solution for PHP's built-in session handling (requested by Alan and Michael)
    - changed @include to include (requested by Alan)
    - added some error checks

  • Thies C. Arntzen
    [2023-08-10 08:02 UTC]