Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Session VS Cookie.  RSS feed

 
Alex Marks
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In a web Application, in order to track user to see whether they have signed in or not, what should we use ? Cookie or Session ?
Thank you for your help and looking for your replies.Thank you !
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Like with so many other "this or that" questions: It depends on your requirements.

NOTE: Most containers try to use cookies to manage sessions before any of the other routes so this isn't necessarily a "this or that" question.
(In other words: If you choose to use sessions, you could inadverately be using cookies too.)
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A handy trick from Marty Hall's "Core Servets and JSP" which I've never been brave enough to try:
Session cookies are usually only stored in memory and not persisted to the file system (strangely I've never looked at how this is accomplished), but you can change session cookies to persistent cookies by removing the expiry time.

I just offer this as another alternative to say "Here's a way to create something which is both". Oh, and don't actually do this unless you're really sure it's what you want.
 
Alex Marks
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you all of you, but when I check, do i need to check both cookis and session since user can choose "remember for future logins" or not. Any ideas from you ? I appreciate all the ideas. Thank you !
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Alex Marks:
Thank you all of you, but when I check, do i need to check both cookis and session since user can choose "remember for future logins" or not. Any ideas from you ? I appreciate all the ideas. Thank you !


If you choose to allow a user to return to your site without logging in, you will have to use cookies (unless someone else knows of some magical way). That is different than a user browsing around on a web site after logging in and being able to access secure pages which requires the user to be logged in.

While both *might* use cookies, they are different concepts and there are different aproaches to handling both. So which are we talking about here?
[ September 26, 2005: Message edited by: Gregg Bolinger ]
 
Alex Marks
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gregg Bolinger, thank you for your reply. Make it easy, let put the situation in an example of a online recruitment site. how can we keep track the users ?
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Alex Marks:
Gregg Bolinger, thank you for your reply. Make it easy, let put the situation in an example of a online recruitment site. how can we keep track the users ?


You still aren't giving enough information. There are literally dozens of ways to "keep track of users". Can you please be more specific. Here is an example of a good way to pose this question...


When a user visits my site I would like to be able to save their login information so the next time they visit the site they won't have to login. Like what happens here on Javaranch. Some sites use a Login Automatically checkbox of sorts.


Or


When a user logs in and goes to various pages on the site, how can I check that the user is logged in on each page so I can verify their access to that page. I have heard of using Sessions but I am unclear on how that works.
 
Alex Marks
Ranch Hand
Posts: 31
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gregg Bolinger, Thanks for your replies.
Let me give you more information, in a online recruitment site, when 1 user logs in and choose "remember for future login", i will store some information in the cookie, and each folowing page such as search jobs, post resumes an so on, i will check the cookie to see whether they loged in or not becuase they can save the URL as a favourite site. And 1 more situation, when 1 user logs in without choose "remember for future login", in this situation, i am not sure how to track after he/she logs in.
I hope i can make it easy to understand for you ! Thank you and wait for your reply.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!