I am little bit confused about Zend authentication session storage system. I will try to explain my problem. Please try to express your opinion or anything you know about zend session or my assumptions and questions.

By default, Zend_Auth_Adapter_DbTable returns the identity supplied back to the auth object upon successful authentication. If I use getStorage() or getIdentity(), so I can able to retrieve "Session values(id, name,..)" to some variables. !! If you think above both assumption are right, my questions are,

1. Where session values stores by default? (By default, which place it uses to store the session?)
2. If I specify session save path like below. Why should we need to store these session in a folder if session stores according question 1? save_path = /home/myaccount/zend_sessions/myapp
3. if I use Zend_Session_SaveHandler_DbTable. What makes it better than above two options?
4. Or, can you able to suggest which way you think, we can make the session persistent in Zend ? Currently we got 1 million users registered with us,so how can we make the users session storage in efficient way?

Thanks in advance to all of you who are going to participate in discussion, if you think any of my questions or assumptions are wrong, please try to express your way. So I can able to learn from mistakes

1. Zend session internally uses php global variable $_SESSION, the path where the session get saved is controlled by php.ini settings, so you can use session_save_path

2. For session_save_path you can give folder name where you need to save session. By default session stores in temp folder, every time somebody clears temp folder sessions data will be lost. So its better to use other folder.

3. Db sessions are used for session sharing. In large websites like google, one server wont serve all users requests, so if you requested something, session will get created and you will get response, for your next request there is no guarantee that you will hit the same server, in that case the 2nd server tries to fetch the session data from some distributed location like db or memcache. Memcache is best option than db for distributed session, as it is more faster.

4. What information you are trying to save in session, if its something you are trying to save for longer time then why can`t you associate that information with user object instead of saving in session.

Iam not 100% sure about your question but i will try to answer :-)

1. On an default linux box it should be /tmp or whatever is configured in php.ini
2. Think about shared hosting environements (security issues)
3. Zend_Session_SaveHandler_DbTable is nice if you have, for example, load balanced web servers, so the user has his session independent of the webserver he is connected to
4. If you use only one server (not shared), and have no need for functions like "who is online", default session handling on filesystem is the best solution (in my opinion).