Menu
We are planning to move one of our applications on cloud, but somewhere I read that using session in cloud can be dangerous. but this blog dosen't explain any danger as such.
I wanted to know that is there really any threat in using session for cloud applications?
I am new to the forum so excuse if I have commited any mistake and please guide me to correct the same.
252
The session data that you read and write using $_SESSION is stored on server side, usually in text files in a temporary directory.
Session-data definition (computing) The set of session variables held on a server that allow the continuation of a conversation with the client without the need to continually reinput data. noun.
If you plan to run your application across several nodes, you will need to take load balancing and out-of-proc sessions into account, but there's nothing inherently insecure about using sessions while your servers are hosted somewhere else.
That just doesn't make any sense.
73
If 'dangerous' means that in certain situations the use of Session won't work, then you're right if you would be using Azure to host your cloud application. Then it depends on the number of instances you are running.
If you're only running 1 instance then you can use Session (that lives in memory on the instance) without changing anything. But if you're using more than 1 instance (the requests are being load balanced and each request can be handled at a different instance) in memory Session won't work out of the box. To resolve this you're able to use 3 different ways to store session.
See this question for more information: ASP.NET session state provider in Azure
34
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
