3.2.5.3 Saving Session Data with a Set Request

When a client needs to store session data in a state server, it makes a request to the state server by using the message format that is specified in section 2.2.5.5.

If the client needs to perform custom initialization tasks on the session state data during a subsequent Get_Request or GetExclusive_Request, the client MUST set the extra-flags field to "1".

If this is the first time that the session state data is being stored for the unique identifier that is contained in the combination of application-identifier, appdomain-identifier, and session-identifier, the client MUST generate a lock-cookie that conforms to the format that is specified in section 2.2.3.9. However the lock-cookie will be ignored by the state server the first time session state data is being stored for a unique identifier.

If the session state data already exists for the unique identifier, and the session state data is being updated with a Set_Request message, the client MUST send the lock-cookie that it originally obtained from a previous GetExclusive_Request message.

The value of the timeout field in the Set_Request message is implementation-dependent.<17>

If the server responds with either a response-bad-request or a response-locked, as specified in section 2.2.5.6, the client MAY surface some type of error back to the client's caller.<18>