Computer Science Sessions
How Sessions Help with Data Persistence
Hello, and welcome to another installment of my CS blog. When I wrote last, I had taken a job at a startup and was going to do my best to update how things have going for me as I transition out of teaching, and into software engineering. Well…that startup imploded, and I am switching from iOS to Web dev. But that’s another story for another time, stay tuned, because that story needs to be told. However, since I am “hitting the books” again, this blog post will focus on a topic that I am learning (HTTP Sessions) with the hope that it will help others better understand this topic as well.
So what is a session anyway?

Nope, not that kind of Sessions. 😝 The definition of a session as found on Google is: a period devoted to a particular activity. I’ll use riding a bike for my analogy because cycling is a passion of mine. Your cycling session begins once your butt hits the seat and you are peddling. You may start and stop several times during your session for various reasons, like when you encounter red lights or stop signs, or need to rest, or use the loo, but the session is still active. Your session ends when you dismount and put your bike away.
The same is true for a session in computer science. But what is a session in computer science? Is it when you are browsing? Well, yes…but in this context it is so much more than that. This article aims to help you understand the concept of sessions as discussed and implemented in computer science, with a focus on HTTP Sessions.
In computer science, according to wikipedia, a session is a temporary and interactive information interchange between two or more computing devices. Basically that’s a fancy way of saying that data is being passed between two or more devices or digital services. For example, when you are logged into Instagram, a session is started, and most likely the session is valid until you log out. When you are logged in you are able to view your images that are stored on the IG databases, and you can view other’s images that are also stored somewhere else. You are exchanging or passing data between your device, and where ever those images are being stored.
The benefit to having a session is that you have already authenticated yourself to the database, and there is no need to have to perform that same authentication with each action, as you have a stored session. This makes transferring data much faster. Imagine if you were talking to someone on the phone. And everytime you got a response from them, you had to hang up, and call them back. And they had to do the same thing on their side. That would make a phone conversation take forever. Sessions allow the flow of data to be passed without having to perform authentication over and over again.

Sessions are stateful
But what does THAT mean? A program is described as stateful if it is designed to remember preceding events or user interactions. The remembered information is called the state of the system. It means that it has some ability to remember stuff. Some of that information might be how many likes a picture you posted has, or how many times you have liked someone else’s pictures, where you browsed in a web session, and other handy information that can help speed up your computing experience.
So now that we know what state refers to, let’s get back to sessions. Sessions are designed to remember state. Sessions are started at some time in the program, and set to end at some point in time. Usually the trigger to start a session is dependent on a user action. Established communication sessions may have multiple messages going in both directions. Since the sessions are stateful, this means that history of the session must be kept on either device in the exchange. Basically this means that if you and I are having a conversation, it is up to at least one of us to remember the history of the conversation, that way we can refer back to talking points in the session.
A session is also a requirement to have a connection-based communication which is basically a network connection where there is a mostly permanent exchange of data. A session is also the foundation in a connectionless-based communication which is where data packets are sent through routers, but is not required.
Who handles the sessions?
Data transmission may be performed as part of standard protocols and tasks at the application layer, the session layer or at the transport layer in the OSI model. If you are not sure what those are, click the links as those topics are slightly out of the scope of this article.
In UDP or HTTP, sessions are maintained by a higher level program using a method defined in the data being transferred. For example, an HTTP exchange between a browser and a remote host may include an HTTP cookie which identifies state, such as a unique session ID, information about the user’s preferences or authorization level.
Introducing cookies!
Back in the day when HTTP protocol was rolled out, lets call that HTTP v1.0, the idea was to only allow one request and response during each web session. We soon realized that wasn’t enough, and HTTP v1.1 made improvements making it easier to maintain the Web Session by supporting HTTP cookies and file uploads. Yay cookies, who doesn’t love cookies.

Client-side sessions use cookies and cryptographic techniques to maintain state without storing as much data on the server. When presenting a web page, the server sends the current state data to the web browser in the form of a cookie. The browser saves the cookie in memory or on disk. With each request, the browser sends the cookie back to the server, and the server uses the data to “remember” the state of the application for that specific client and generate a response.
What is a cookie?
A cookie is more than just a tasty treat. A cookie is a small text file that is stored by a browser on a user’s device. Cookies are only plain text and never include any executable code. The server or web page instructs the browser to store the information and send it back and forth with each request based on some protocol. Servers then use the information on the text file to identify the users.
Conclusion
Now that you know what sessions, state, and cookies are, hopefully you will not only understand persistence a little better, but you will be able to use this information to implement methods of persisting data in your programs. Happy learning, and see you in the cloud.
