[cgiapp] enciphered-cookie-only sessions
perrin at elem.com
Tue Mar 11 10:07:29 EDT 2008
On Mon, Mar 10, 2008 at 11:46 AM, Mark Fuller <azfuller at gmail.com> wrote:
> BTW: I didn't understand the part in the Catalyst documentation saying
> the benefit of sending the session in the cookie is that you don't
> have to access the disk. I assume that's supposed to be a performance
> benefit. But, after two encodings and an encryption, and two decodings
> and a decryption? I don't see how that could be much of a performance
It's worth benchmarking, but it seems likely to me that even strong
encryption is faster than fetching data from a database. Removing one
or more database hits from every page access could be significant.
Most web servers have tons of idle CPU because they're constantly
waiting for I/O operations.
The real win in my mind is scalability -- you no longer have to worry
about how to share the data across your cluster. No matter how many
servers you add, your cost for session storage never goes up.
More information about the cgiapp