08.07.2013 19:29, Graham Leggett wrote: > See also the section on integrating with external applications. > > https://httpd.apache.org/docs/2.4/mod/mod_session.html#integration Indeed, from this link (emphasis mine):
Standalone applications Applications might choose to manipulate the session outside the control of the Apache HTTP server. In this case, *it is the responsibility of the application* to read the session from the chosen storage mechanism, decrypt the session, update the session, encrypt the session and write the session to the chosen storage mechanism, as appropriate. My question -- from the beginning of this thread -- was how to fulfill the emphasized responsibility... I am surprised, this aspect is not documented anywhere yet :-( -mi