• Post Reply Bookmark Topic Watch Topic
  • New Topic

Difference between HTTPSession & Cookies  RSS feed

 
Angela D'souza
Ranch Hand
Posts: 469
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What is difference between HTTPSession & Cookies?
Thanks,
Angela
 
Felix Kan
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Angela,
Both are mechanisms of establishing a client "state" in a stateless HTTP environment.
With cookie you can store a limited amount of data on the client's machine. It's not secured, and you can only store text in cookies.
HttpSession, on the other hand, allows you to store state information on the server.
it's much more secured (session data is on the app server, not client's box), you can store an "unlimited" amount of data (depends on your server's capacity), plus you can store complex data types (e.g. objects) in a session. very handy.
Hope that helps , I'm semi-new to Java too.
Cheers,
Felix
[ September 23, 2002: Message edited by: Felix Kan ]
 
Ken Robinson
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The HttpSession is a server side object managed by the container (web server) your code is running in. It allows you to set/get Attributes in the Session and know they are for the user making the current Request.
A cookie is something sent to the client, usually one piece of information. Keep in mind the client can turn this off.
Usually, the web server will use cookies to manage it's HttpSessions. You do not really have to worry about this. Basically, the server most likely sends a 'key' to the client. For each Request, it gets that key and uses it to determine which client made the Request. It them makes that user's HttpSession available.
Hope this helps.
 
Angela D'souza
Ranch Hand
Posts: 469
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ken Robinson:

Usually, the web server will use cookies to manage it's HttpSessions.
Hope this helps.

How???
Do we need to write code to send HTTPSession in cookies way back to client? If yes, would you please send me sample example?
Thanks again,
Angela
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If your client browsers allow cookies, you don't have to do anything. Session management with cookies is automatically handled by the servlet engine. It creates a (supposedly unique) cookie value that is used as a key to recover the session.
If your client browsers don't allow cookies you have to get involved in URL rewriting.
You should get a copy of the servlet API and the JSP API - download free from java.sun.com - to see an extended discussion of session management.
 
Bosun Bello
Ranch Hand
Posts: 1511
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Angela, there is also a good book available online at www.coreservlets.com This will give you a good start.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!