overview

• cookie
• Http request( get/ post)
• session, JWT
• cachea
• COMET , web socket
• Cloud models, Cloud owneship

cookies- what is it ?

• small files sent from the server to be stored on client side
• used to track the client's activities and remember stateful information
  -1. first visit ?
  -2. loggined-in user ?
• Updated on every request

cookies - a major problem

• can be edited
  • leads to security vulnerabliities
• what do we do now ?
  • just don't store any meaningful info in a cookie
• cookie usually just store ids.

Http request

• Get
  • puts the query string in the URL
  • has length restriction
• post
  • puts the query string and other data in the bodys
  • no restriction

Sessions

• Data about the user is stored on server
• A session id is sent to client and stored n client
• Client pass session id to server
• Server uses this id to get data from the database
• presist through user's interaction with the website
• Expample : Google Docs
  • what file was being edited
  • where the cursor was

JWT (JSON web token)

• no need for database
• stores encrypted data in cookie
• security based on hasing
• lots of libraries available

cache

• idea: store files locally to reduce bandwidth usage and server load
• get file from cache instead of asking the server
• not all content can be cached
  • Example: news, twitter
• Has expire time
• Google caches their logo

how to implement a counter

• A counter that increment every 30 second
• problem: server cannot push data to client in HTTP
  传统的web应用都是基于请求-响应的模式，ajax的改进只是非全页面更新，无法解决实时性和事件驱动。ajax with polling通过定时请求可以实现伪实时，但频繁的建立和销毁连接又会耗费服务器大量资源，增加带宽使用。

solution 1: COMET

• web browser limit number of connection
• work around : domain streaming
  • since limitation is based on domain name, just use multiple domain names to open more connections
  • Example : CNN.com

solution 2: Web Socket

• Two way communication between client and server
• provides a persistent connection and both can start sending data
• Example - webSocket handshake

cloud models

• SAAS - software as a service
  • a piece of software that you can use that is not running on your machine.
  • Example : google doc
• PAAS - platform as a service
  • give you very limit control
    Example : Hadoop
• IAAS - Infrastructure as a service
  • gives you access to do whatever you want
  • Example: Amazon EC2

why IAAS ?

• why not build your own cloud ?
  • cost
  • Complexity
  • Elasticity 弹性
  • why do all these extra work ?

cloud ownship

• private
  • corporate
  • personal
• public
  • managed
    • have access to your stuff