Business applications typically need to maintain some session state. That means, there is information that requires to be saved so that it can be used in the next request of that user.
Between requests, some things may happen:
- Sever becomes unresponsive
- In a load balancing environment, the load balancer may decide to not assign all the requests from the same user to the same server
Depending on the service levels of high availability or fault tolerance that are required, and for the well functioning of the application, some actions have to be taken:
- Use Session Replication
- Use Server Affinity (Sticky Sessions)
- Move the session information to an external point (e.g. a state server like Redis or the database)
Notes:
- A drawback of the second (2.) approach, it has not so high fault tolerance, compared to the first one. Anyway, it can be used together with some of the other approaches
- Storing the web session in the database is generally not good for performance or scalability because it creates an extra workload on the database.
https://stackoverflow.com/questions/10278683/how-safe-is-it-to-store-sessions-with-redis
https://github.com/ran-jit/tomcat-cluster-redis-session-manager
https://stackoverflow.com/a/11045462/382145 - Sticky Sessions and Session Replication
SAC #15071 - Session State in .NET
SAC #52313 - Session State Troubleshooting