Índice
See the most recent published version of this document . Also, the Zend Framework Auth team greatly appreciates your feedback and contributions on our email list: fw-auth@lists.zend.com
With web applications written using PHP, a session represents a logical,
one-to-one connection between server-side, persistent state data and a particular user agent client (e.g. web
browser). Zend_Session
helps manage and preserve session data, a logical complement of cookie data,
across multiple page requests by the same client. Unlike cookie data, session data is not stored on the client
side, and it is only shared with the client when server-side source code voluntarily makes the data available
via a response to a request from the client. For the purposes of this component and documentation, session data
refers to the server-side data stored in $_SESSION[]
, managed by Zend_Session
, and
individually manipulated by Zend_Session_Namespace
accessor objects. Session
namespaces provide access to session data using classic
namespaces
implemented logically as named groups of associative arrays, keyed by strings (similar to normal PHP arrays).
Zend_Session_Namespace
creates instances of accessor objects for namespaced slices of
$_SESSION[]
. The Zend_Session
component wraps the existing PHP ext/session with an
administration and management interface, as well as providing an API for Zend_Session_Namespace
to
persist session namespaces. Zend_Session_Namespace
provides a standardized, object-oriented
interface for working with namespaces persisted inside PHP's standard session mechanism. Support exists for both
anonymous and "login" session namespaces. Zend_Auth
, the authentication component of the ZF uses
Zend_Session_Namespace
to store some information associated with authenticated users in the
"Zend_Auth" namespace. Since Zend_Session
uses the normal PHP ext/session functions internally, and
all the familiar configuration options and settings apply (see
http://www.php.net/session
), with the bonus of convenience through an object-oriented interface and defaults providing both best practices
and smooth integration with the Zend Framework. Thus, a standard PHP session id, stored either in a client's
cookie or embedded in URLs, maintains the association between a client and session state data.
The default ext/session save handler does not solve the problem of maintaining this association, when a client may connect to any sever in a cluster of servers, since session state data is saved to the local server only. A list of additional, appropriate save handlers will be provided, when available. Community members are encouraged to suggest and submit save handlers to the fw-auth@lists.zend.com list. A Zend_Db compatible save handler has been posted to the list.