Saving Session Data with a Set Request

When a client needs to store session data in a state server, it makes a request to the state server by using the message format that is specified in section

If the client needs to perform custom initialization tasks on the session state data during a subsequent Get_Request or GetExclusive_Request, the client MUST set the extra-flags field to "1".

If this is the first time that the session state data is being stored for the unique identifier that is contained in the combination of application-identifier, appdomain-identifier, and session-identifier, the client MUST generate a lock-cookie that conforms to the format that is specified in section However the lock-cookie will be ignored by the state server the first time session state data is being stored for a unique identifier.

If the session state data already exists for the unique identifier, and the session state data is being updated with a Set_Request message, the client MUST send the lock-cookie that it originally obtained from a previous GetExclusive_Request message.

The value of the timeout field in the Set_Request message is implementation-dependent.<17>

If the server responds with either a response-bad-request or a response-locked, as specified in section, the client MAY surface some type of error back to the client's caller.<18>