apache > cocoon

Webapps Developer Documentation


This section contains several documents about developing real-world web applications with Cocoon.

Some of these concepts are currently in development. The development of the Session handling, the authentication framework and the portal framework is nearly finished. You will find these components in the latest CVS version of Cocoon. The documentation listed in the menu conforms to the current CVS version.

However, the current release (2.1.8) contains alpha versions in the scratchpad area of these three components. So you can already have a look at them. The documentation in the "scratchpad" folder contains the description conforming to the scratchpad. But be warned that they are in the scratchpad area and will change in upcomming releases. So if you are really planning to use them, have a look at the latest CVS.


A session is a data storage which resides on the server and records information about one single user. Cocoon creates a session on demand and from that point of time the user is tracked and information can be stored inside the session. Each following request of this user is linked to the one specific session, so there is always only one session per user on the server.

To avoid a fast growing amount of sessions on the server and the overcome potential security problems, a session has usually a valid period of time. If during this period no new request comes in from the user, the session object on the server will be destroyed by the server (this period of time is called session timeout). The web application often allows a user to explictly destroy a session.

The usual web applications create sessions during login of a user and destroy them when the user logs out.