how to manage user sessions in distributed databases?

Question

Since i have zero experience in developing web applications which can be scaled up horizontally, i need someone with experience guide me in right direction.

I had difficulties to figure out the right way of storing login sessions in database, so i came to the question is that even right to store them in databases when i am planing to use replication in future ? and if not what are the alternates ??

I need different clients(android,Windows, ...) be connected to server with their own sessions related to the same user and i am using:

1 - Cent-OS as OS

2 - PostgreSQL as DBMS

3 - Tomee as HTTP server and Servlet container

4 - Partitioned Tables (Inherited Tables in PostgreSQL) to improve performance, chance of in memory index scan, prevent fragmentation and etc

My problem raise from the fact that i need to check session availability in every received request from clients (every session has its own encryption keys) and it is possible to have millions of sessions, in a distributed environment i can not be sure that the created session will be available in replicated database at the right time.

Thanks for helping

Answer 1

Storing the user sessions in RDBMS will evantually decrease the perfermance of your application. You should take a look at distributed caching mechanisms to store and read user sessions. I strongly recommend NoSQL database solutions for user sessions such as Redis which enables you in-memory storage of your key-value pairs and responds in a very high speed. In addition, you can tune the configuration file in order to store the in-memory key-value pairs to disk for persistence. You also need to focus on distribution of your key-value pairs across multiple NoSQL instances and internal data structures such as HashMaps. You can use your own hashing algorithm to distribute your key-value pairs on multiple instances that will enable you high availability. You should keep in mind that shardening your data horizontally will result in some issues, you can refer to CAP theorem - Availability and Partition Tolerance fore details.