I'm curious what other engineers are using for user session state storage/tracking within their web apps. I'm not asking about general cache storage, this is specifically about what you use for user session data (if you do that at all).<p>I'm also interested in hearing what techniques others use for fail-over and to increase availability.<p>EDIT: added choice 'An RDBMS'
I use Rails' standard cookie sessions. There's never much data in the session, and it's encrypted so there aren't really security concerns. Not having to bother with flushing expired sessions or having to wipe out all my users' sessions because memcached needed a restart is nice.
If memcached, what do you do to make sure sessions aren't lost. On their FAQ (<a href="http://code.google.com/p/memcached/wiki/HowToSessions" rel="nofollow">http://code.google.com/p/memcached/wiki/HowToSessions</a>) it sounds like it is not intended to be used for sessions. Thoughts?