问题
I want to share sessions among 2 applications on different nodes; however, I am confused what the difference is between Cookie and Redis session stores; e.g. a cookie session might look like this:
rack.session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiJFN2YxZDMxMGE5YTNhZjc2NGM1NDBk%0AMzdiODQ0MjcyMzk5MzAxY2YyYzdhNDMwOWVkMzhiNWVlMmY2N2QwYzExNg%3D%3D%0A--ec4ec7b5a807c806e02e2811f4a11d05877a7698
In Redis, a session-store, might look like this:
rack:session:eb23c0a055e9e6de3b8ad51efd9g6260d647b2e61326e35f5ff59cd490bfb405"
However, I am confused how these sessions can be shared. Whereas in a cookie approach, a request carries the state of the session, I can't see how the session in Redis actually matches to state among 2 applications. Any advice how to use Redis / share session state among 2 rack apps?
回答1:
The Redis session store still uses a cookie to track the session id client side. The difference is where the actual data that you stick in the session is stored. With the cookie store, it's stuffed into the cookie and sent back and forth with each request. With the redis-store, only the session id is passed in the cookie and the actual session data is retrieved from Redis using the session id in the cookie. Here's a great description of the various trade-offs with different session stores.
Sharing sessions might be made to work with both Cookie and and Redis session stores. Check out these two questions for details:
- Rails Checkout SSL heroku
- Subdomain Session Not Working in Rails 2.3 and Rails 3 on Heroku with/without a Custom Domain?
来源:https://stackoverflow.com/questions/14347540/what-is-the-difference-between-a-cookie-and-redis-session-store