I am writing an HTTPS based application using Apache2 as the web server, and python as the language (not sure which framework or Apache2 mod yet). After clients (which are not web browsers) first establish an HTTPS connection to the server, they are expected to send an authentication message. If authentication is successful, they are able to send more commands, until the connection is closed (HTTP 1.1 will be used, with a long keep alive time). My question is, is it possible to have state associated with the connection? I don't want the client to have to send cookies or session ids -- the HTTPS application should be able to figure out the session based on the connection that each request belongs to...the question is how?