Cookie-based persistence, Cookie-based persistence 424 – Nortel Networks WEB OS 212777 User Manual

Web OS 10.0 Application Guide

424

n

Chapter 16: Persistence

212777-A, February 2002

Cookie-Based Persistence

Cookies are a mechanism for maintaining state between clients and servers. When the server
receives a client request, the server issues a cookie, or token, to the client, which the client then
sends to the server on all subsequent requests. Using cookies, the server does not require
authentication, the client IP address, or any other time-consuming mechanism to determine
that the user is the same user that sent the original request.

In the simplest case, the cookie may be just a “customer ID” assigned to the user. It may be a
token of trust, allowing the user to skip authentication while his or her cookie is valid. It may
also be a key that associates the user with additional state data that is kept on the server, such as
a shopping cart and its contents. In a more complex application, the cookie may be encoded so
that it actually contains more data than just a single key or an identification number. The
cookie may contain the user’s preferences for a site that allows their pages to be customized.

Figure 16-1 Cookie-Based Persistence: How It Works

1

USER REGISTERS TO BUY

AN ITEM

2

SWITCH COMPLETES THREE-WAY

HANDSHAKE WITH CLIENT.

- FORWARDS HTTP REQUEST TO COOKIE

SERVER

3

WEB SERVER DESIGNATED TO SERVE

COOKIES RECORDS INFORMATION AND
SENDS THE CLIENT A COOKIE

4

SWITCH RECORDS OR REWRITES

COOKIE INFORMATION BASED ON
CONFIGURATION

5

COOKIE STORED ON CLIENT

MACHINE

6

CLIENT DECIDES TO BUY AN

ITEM. THE COOKIE
INFORMATION IS SENT AS
PART OF THE HTTP
REQUEST

7

BASED ON COOKIE INFORMATION SWITCH

REDIRECTS REQUEST TO THE SAME SERVER
OR HASHES ON COOKIE VALUE