--- Marcelo de Moraes Serpa <celoserpa@xxxxxxxxx> wrote: > Hello list, > [snip] > > * Each http request gets an instance of a session_id > ? Or is it > per-connection ? It depends. There is no necessary correlation between a session as defined within a web application and a session as defined in the RDBMS. I routinely set up web applications that may have multiple "sessions" as seen by the RDBMS. Consider the idiom of doing operations with the least priviledge required to get the job done. The application might log into the database as one databse user with very limited rights, to authenticate the user and pass data to the web application regarding what the user is permitted to do (all server side, on the application server). Then, the application may log in as a very different user with limited rights to perform some operation the user has initiated. So far, we have two sessions as far as the database is concerned and only one as far as the web application is concerned. If you're working with web applications, you must know that multiple http requests can share a web application session, as can multiple web applications (if written to do so using the single sign-on idiom), assuming you use technologies such as cookies or URL rewriting or hidden form fields, or the magic of ASP.NET, to set up and maintain sessions, and that the session is restricted to a single http request if you don't (plain old http/html is stateless, so there is no useful concept of session without help from other technologies). HTH Ted ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster
