Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Are session attributes really stored in cookie?

 
Timothy Sam
Ranch Hand
Posts: 751
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thought they were stored server-side, but a friend told me that they are stored in browser cookies. Is this true? I happen to be saving the username and password in session scoped variable and this made me worry.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65221
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No. Session attributes are not stored in cookies.
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Things you add using addCookie() will be in a cookie, not session attributes.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65221
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your friend is confused. The session id is usually stored in a cookie. But this is just a value that allows the container to keep track of the session across requests. It in no way contains the values of session scoped variables.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic