本文发表在 rolia.net/zh 相约加拿大网上社区枫下论坛
... http is a sessionless protocol. You send a request, I give you an answer, that's it, we are done. Requests are independent with each other. (Well, http 1.1 supports persistant connection, but that's solely for alleviating the expensive connection establishment, not for keeping session. Each request on a single connection is still independent with other requests on the same connection.)
So in order to keep session, we have to use other means, eg., cookies or hidden fields, etc. It is the web server's responsability to retrieve the session information from cookies, hidden fields, etc., by querying database (or whatever storage you choose). So the web servers need to query the same database or the databases need to be kept in sync if they are different.
https connections are persistant, which means it will be a bit tricky to migrate session to other web server if one web server is down in the middle of an established connection.
Anyway, these are just my understanding. Please correct me if you find anything wrong, that'll be greatly appreciated. Pretty interesting topic indeed.
更多精彩文章及讨论，请光临枫下论坛. 网址: rolia.net/zh