Table of Contents
See the most recent published version of this document . Also, the Zend Framework Auth team greatly appreciates your feedback and contributions on our email list: fw-auth@lists.zend.com
With web applications written using PHP, a session represents a logical, one-to-one connection between server-side, persistent state data and a particular user agent client (e.g. web browser). Zend_Session helps manage and preserve session data, a logical complement of cookie data, across multiple page requests by the same client. Unlike cookie data, session data is not stored on the client side, and it is only shared with the client when server-side source code makes the data available via a response to a request from the client. For the purposes of this component and documentation, session data refers to the server-side data managed by Zend_Session.
The Zend_Session_Core
component wraps the existing PHP ext/session with an administration and
management interface, as well as providing an API for Zend_Session
to persist namespaces.
Zend_Session
provides a standardized, object-oriented interface for working with namespaces
persisted inside PHP's standard session mechanism. Support exists for both anonymous and "login" sessions.
Zend_Auth
, the authentication component of the ZF uses Zend_Session
to store some
information associated with authenticated users in the "Zend_Auth" namespace. Since
Zend_Session_Core
uses the normal PHP session functions internally, and all the familiar
configuration options and settings apply (see
http://www.php.net/session
). Thus, a standard session id, stored either in a cookie or embedded in URLs, maintains the association between
a client and session state data.
The default ext/session save handler does not solve the problem of maintaining this association, when a client may connect to any sever in a cluster of servers, since session state data is saved to the local server only. A list of additional, appropriate save handlers will be provided, when available. Community members are encouraged to suggest and submit save handlers to the fw-auth@lists.zend.com list.