• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Doubts on Cookie..

 
Ranch Hand
Posts: 344
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I have a small doubt regarding the Cookies. pls advice whether the below mentioned steps are correct..

1. First we are getting the session (new/existing) by using HttpSession session = request.getSession();

2. On requesting the getSession() to the container, the container will create a unique session id and make a new cookie object and assoicate the session id with the cookie and send it back to the client.

My doubts starts from here:

3. The client can accept/reject the cookie. If the cookie is disabled in the browser then the client can't get the cookie. Since the cookie is not received by the client, there will be any notification to the container about this..?

4. If not,i.e. container is not aware/care about whether the cookie is got by the client, then the client is sending the request, which is the continuation of first one and how the container knows whether it is the continuation and not a new request..?

I am strucking some where..pls advice on it..
[ January 06, 2007: Message edited by: Micheal John ]
 
Ranch Hand
Posts: 10198
3
Mac PPC Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Michael,

Look at page 236 of the HFSJ under the Question that starts line "wait a minute...how DOES the Container know that cookies aren't working?...." There is a wonderful explanation for this over here.
 
Ranch Hand
Posts: 41
Android Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi John,
Regd. your question.
"3. The client can accept/reject the cookie. If the cookie is disabled in the browser then the client can't get the cookie. Since the cookie is not received by the client, there will be any notification to the container about this..?"

NO. If the client's browser does not accept cookies, the browser will ignore the Set-Cookie header which our container sent in its response. However, the container is not notified about whether the client browser accepted the cookies or not. Which is the reason why we have URL rewriting and hidden form field mechanisms, that will ensure that the client sends the cookie irrespective of whether the browser supports cookies or not.


Your next question was :
"4. If not,i.e. container is not aware/care about whether the cookie is got by the client, then the client is sending the request, which is the continuation of first one and how the container knows whether it is the continuation and not a new request..?"


As mentioned earlier, the container would not know, if it is a new session or an existing one, unless it does URL rewriting or uses hidden form fields in its response. If the client browser, does not support Cookies and the Container does not use URL rewriting or hidden form fields, then managing sessions is going to be very very difficult.


For more details refer to.
http://www.webperformanceinc.com/support/load_testing/manual/Session_Tracking.html

Hope this helps.
Regards
Sanjeev
reply
    Bookmark Topic Watch Topic
  • New Topic