11/24/2023 0 Comments Define session networkThe difference being that George allows the ticket to continue to be used for a much longer period of time so long as Ralph checks in or "rides the bus" before a maximum interval, called a TIMEOUT, is reached and causes the tickets expiration. You can't use yesterdays ticket to ride for free today. Now, there is a time limit on this "ticket", just like a bus ticket or transfer. So after Ralph provides his password, George can respond with this temporary "ticket" that Ralph can give George every time he wants to ask George for resource. The STATE of this conversation is that George now knows he's talking to Ralph, and every time the agreed phrase is provided to George by Ralph, George knows to continue where they left off instead of starting a new conversation (in fact, if Ralph continues to forget to provide the "conversation state" enough times and George is lead to believe that it's a new conversation each time, George will eventually stop talking to Ralph). ![]() This password actually references the STATE the conversation between the two is currently in Ralph has already provided the password and George has authenticated it. So George and Ralph agree on a shorter, temporary password that REPRESENTS the real one. And when you have to start establishing identity, George is going to have to ask for the password every time Ralph wants something, but that is both tedious and dangerous someone listening in on the conversation could learn the password. Each sentence is a different REQUEST/RESPONSE. Now here's the thing about web sessions or "conversations", since computers are blind, the only way that can continue a multi-sentenced conversation in such a noisy crowd is to address each other every time Ralph, George, Ralph, George. Ralph, I can tell you your balance, but I need your password So now we arrive at George checking if Ralph is legit: What if Jacque wanted to tell George that he was Ralph and ask for Ralph's bank balance? Shouldn't George protect this information? It's also important to note the George just sort of trusts that Ralph is telling the truth, that he really is Ralph. Now here's a good time to take note of a few things Notice how George and Ralph keep addressing each other by name? If Ralph just screamed out "What's my bank balance?" at the very least, no one is going to know who the hell Ralph is talking to. George, what's the capital of California?īut what if Ralph wants personal information that only he and George know? ![]() Sometimes they only want a single word answer that is freely available information People are always screaming from the crowd to get answers from George, "Hey, George!" They require sound to identify each other. Web communications are like blind men, in fact, all computers are blind. "The SessionVariable is indeed the answer you may be providing the credentials to login via POST method, but upon subsequent HTTP request, how does the server know that this new stateless connection is part of an ongoing session? Keep-alive? No, that's just a means to automatically send a heartbeat every so often (with the sessionid) to tell the server you're still there.but you have to provide either the object with the sessionid or create a new "webrequest" and explicitly provide the sessionid. Looks like I need to look into the details of how sessions are maintained from a technical point.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |