Basic Web Applications

Session Management incorporates techniques that are used by web applications that transparently authorize a user with every HTTP request without asking the user to repeatedly login. The obligation of session management is handled by the program itself because of the stateless nature inherent in the underlying HTTP protocol. Session management involves the sending of session token by the application to a client, usually a web browser, after a successful authentication. Most of the time, the token is sent to the server with the use of the Set-Cookie directive of HTTP and is subsequently stored in the client. The session token is required to be sent by the client to the server along with each HTTP request to allow identification to the web based application. The token that accompanies the request will be used by the application to determine whether the user is authorized to access the requested page.