Template for a Cookie-based Session Management

One Template that is shipped with Sausalito is the session template. Within this section, we give a short overview of this template and point out what we demonstrate within this template.

One of the best and most beneficial things for our clients is the technical support that our company provides. The technical support is here at your service at all times, no matter what type of problem or issue you might be having with our hosting services, we are here to help you out. If the problem is coming from our side, we will do everything in our power to find a solution and fix it as soon as possible because we understand how important uptime can be. Also, our team offers a professional guide to the programs and tools that we provide. Not everyone will know at first how to use certain tools or features that we offer, that’s why we want to give out some instructions that will help you get started on the new project. So, if you have some questions about the features and workings of the services, please read the instructions first and you will soon understand and use them.

Required Knowledge

Using this template presumes that you are familiar with the following topics:

  • Basic understanding of Sausalito (Get Started)
  • Basic understanding of XQuery, XML, and XPath
  • Basic understanding of HTTP Cookies.

How to Create this Template?

A project using this template can be created in two different ways:

  • Into an Eclipse workspace using a wizard of the Sausalito Tools for Eclipse
  • Into a local directory using the command line utility provided with the CoreSDK.

What Sausalito Feature Does This Template Demonstrate?

Within this template we try to show how to bind a client to a session. Currently, Sausalito provides only a simple cookie-based mechanism for correlating HTTP requests. This is achieved through the session management API functions available in the Sausalito HTTP Module:

  • create-session: creates a session containing an arbitrary XML node
  • validate-session: checks if the incoming HTTP request has a valid session
  • delete-session: deletes an existing session.

NOTE: This article does not make any assumptions about the way applications authenticate or authorize their users. This functionality is application specific and developers are free to choose their own authentication and authorization mechanisms. For example, some applications could store a list of users and their password in a collection and check the user-provided data against the data in this collection.


The following screenshots show the running project template:

“Sign-in”-page of the session template The default page after signing in

Template Insights

The Template Insights allow you to take a look at the code of the template. You can access/browse the source code online.

Browse the Source Code Online

Please, browse the source code of this template using our Source Code Viewer.