Multi-Session Browser | How to Manage Multi-Sessions?
What is Session
In computers, especially in network applications, sessions are called “session control.” A session is simply a data storage technology that can sustain server-side data storage. It is a technology that temporarily stores data based on a back-end that is different from a database.
You can think of a session as the process from when we use a browser to surf the Internet to when we close the browser.
The Session object stores properties and configuration information required for a specific user Session. Without sessions, we would not be able to complete online shopping, because the server cannot keep track of what you want to buy, and when you are ready to check out, you will find the cart empty.
When a user requests a Web page from an application, a chunk of memory is created on the server-side, which is associated with the browser window or child window of the browser. This piece of memory is called the session. Other browsers on the same machine cannot access this session. Variables stored in Session objects are not lost and persist throughout the entire user session when a user jumps between the application’s Web pages.
When a session expires or is abandoned, the server terminates the session. One of the most common uses of the Session object is to store user preferences. For example, if the user indicates that he does not like to view graphics, that information can be stored in the Session object.
Please note that:
1) Session state is reserved only in browsers that support cookies.
2) Two pages in the same browser do not necessarily have the same session. If you open two tabs in the same browser, then the pages of the two tabs are one session. But if you open two different Windows in the same browser, then the two pages are not one session.
How sessions work
Since the HTTP protocol is non-connectivity, when the browser finishes fetching content, it disconnects from the server. How does this work if you want to access other content or sub-windows of the site, and the page needs to know the original session?
In this case: The first time you visit the page where the session was created, you create a unique number for the browser and give the session the same number as the browser. Then record a series of selections on the server-side. When you visit the second page, you send the number to the second page, and the second page finds the number and the session corresponding to the original session. You can find the original session. So each window has a unique number. This number is the session-id.
- The first step is to bring the session id, user name, and password in the local cookie to the background
- In the second step, the background checks whether the corresponding session-id exists
- If not, create a new session. If yes, check whether the corresponding file exists and is valid. In case of failure, we need to clear the session and generate a new session. If valid, use the current session.
The characteristics of Session
- The session is stored on the server
- The session is generally used in conjunction with cookies. If the browser disables cookie, only URL rewriting can be used to realize session storage
- If sessions are only used to maintain user status, the query will be slow when a large number of users log in at the same time or a large number of sessions exist.
Session and cookie
Why did sessions come into being?
One of the main reasons is HTTP’s statelessness.
What is statelessness? That is, this request and the last request are unrelated. But the advantage of stateless is fast. Because of the stateless nature of HTTP, there is no way to know the state of the current user when an HTTP request is sent.
So because of this appeal, a new way for clients to store data has emerged: cookies.
A cookie is to store a small amount of information on the user’s own computer. By setting its storage path under a domain name, the user can read the information from any page in the domain when accessed through a browser.
While this is a great solution, and it’s quick and convenient, it’s very insecure. This is because cookies exist on the client-side and are themselves stored in a limited size. The key reason is that it is visible to the user and can be modified at will. So how to make it safe and easy to read information globally? Thus, at this time, a new storage session mechanism was born, called the session.
Differences and relations between Session and cookie
If a store has a gift-giving campaign for five purchases, then you need some way to keep track of how many purchases customers make. This leads to the following situations:
1) The clerks in this store have a very good memory and can remember the consumption times of each customer. As long as the customer enters the store, the clerks know whether they should give gifts or not. This is the state of the protocol itself.
2) Give the customer a card that records the number of purchases. Each time a customer shows the card, the purchase will be linked to a previous or future purchase. The practice is to maintain the state on the client-side. That’s what cookies do.
3) The customer is given a membership card, which does not record any information except the card number. Every time the customer shows the card, the shop assistant will find the corresponding record of the card number in the store record book and add some consumption information. This is done by maintaining the state on the server-side. This is similar to the mechanism of the session.
In short, the cookie mechanism adopts the scheme of maintaining the state on the client-side, while the session mechanism adopts the scheme of maintaining state on the server-side.
At the same time, we also see that since the scheme of maintaining state on the server-side also needs to save an identity on the client-side, so the session mechanism may need to resort to the cookie mechanism to achieve the purpose of saving the identity — cookies store the coding information of the session. Cookies are stored in the session.
Why doesn’t the product you put in your cart disappear every time you log back into the shopping mall?
Because when you log in, the server can use the cookies carried by the browser to find the session that saved your shopping cart information.
How to choose cookies and sessions
1) Security: Cookies are not very secure. Cookie spoofing can be carried out by analyzing cookies stored locally. The session should be used for security.
2) Performance: Session will be stored on the server for a certain period of time. Cookies should be used to reduce server performance when the number of accesses increases.
3) The data saved by a single cookie cannot exceed 4K. Many browsers limit the maximum number of cookies saved by a site to 20.
Therefore, important information such as login information can be stored as SESSION, and other information can be stored in cookies if necessary.
Misunderstandings:
“Does the session disappear as soon as I close the browser?”
No. In the case of sessions, the server will remain in place until the application notifies the server to delete a session. Generally, the application sends a command to delete a session when the user logs off.
It is because closing the browser does not delete the session that forces the server to set an expiration time for the session. When the expiration time has passed since the last session used by the client, the server can consider that the client has stopped activities and delete the session to save storage space.
Multi-session browser
Why can’t you have multiple sessions in the browser?
Most browsers now share session ids, so when multiple sessions are opened in a browser, the new content overwrites the original content with the same key.
How to create multiple sessions?
1) Use multiple browsers.
2) Modify the conf file to create localhost1 and locaohost2.
3) Store user information in the front-end HTTP Session with the user ID (unique) as the key, so that each time does not overwrite the last content. The user ID can be transmitted in the front end through URL parameter parsing.
4) The global variable is defined in the front-end JS file to get the userID, but the new formula may be overwritten after the refresh.
5) Multi-session browsers: You need a virtual browser! It’s kind of like a sandbox, where you can create a new environment that’s completely isolated from the previous environment, that’s not related to each other, so that login credentials don’t get replaced, and you can log into multiple accounts.
ClonBrowser—the best multi-session browser!
ClonBrowser is the virtual browser you can’t miss! As long as you have a computer connected to the network, it can provide you with thousands of completely independent virtual browsing environments! You can easily handle multiple accounts across all platforms through ClonBrowser.
To use ClonBrowser, you just need to:
1) Install the client and register your ClonBrowser account
2) Create your profile. You can quickly create browser profiles as needed. CB provides you with the most complete profiles!
Start your free trial now!