Improvements

Author: javiereguiluz

session/database.rst

@@ -76,8 +76,10 @@ First, define a Symfony service for the connection to the Redis server:
             // ->addMethodCall('auth', ['%env(REDIS_PASSWORD)%'])
         ;
 
-Now pass this Redis connection as an argument of the service associated to the
-:class:`Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler`:
+Now pass this ``\Redis`` connection as an argument of the service associated to the
+:class:`Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler`.
+This argument can also be a ``\RedisArray``, ``\RedisCluster``, ``\Predis\Client``,
+and ``RedisProxy``:
 
 .. configuration-block::
 
@@ -155,7 +157,16 @@ configuration option to tell Symfony to use this service as the session handler:
             ],
         ]);
 
-That's all! Symfony will now use your Redis server to read and write the session data.
+That's all! Symfony will now use your Redis server to read and write the session
+data. The main drawback of this solution is that Redis does not perform session
+locking, so you can face *race conditions* when accessing sessions. For example,
+you may see an *"Invalid CSRF token"* error because two requests were made in
+parallel and only the first one stored the CSRF token in the session.
+
+.. seealso::
+
+    If you use Memcached instead of Redis, follow a similar approach but replace
+    ``RedisSessionHandler`` by :class:`Symfony\\Component\\HttpFoundation\\Session\\Storage\\Handler\\MemcachedSessionHandler`.
 
 Store Sessions in a Relational Database (MySQL, PostgreSQL)
 -----------------------------------------------------------