Win a copy of Practical SVG this week in the HTML/CSS/JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

cookies in JSP

 
Anu satya
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i had been to one interview,

wanted to know, if a program uses cookies to store the session and the user doesn't want to enable cookies in the browser, how session is maintained in JSP

Can any one please help me?

Regards,
Anu
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
URLRewriting as a fallback mechanism.
 
Anu satya
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

ok. but what is fallback mechanism?

if it is an alternative, then why to use two mechanism to maintain the session? we can only use url rewriting right?
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
this is what fallback menas. it is only in force if the session tracking via cookies does not work because the user disabled cookies.
 
Anu satya
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok. can you please give example? i am pretty sure.....how to do that keeping both cookie and URL rewriting......

then, how to differentiate the data in JSP, which is coming from URL rewriting and cookies?
 
Vijitha Kumara
Bartender
Posts: 3953
21
Chrome Fedora Hibernate
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anu satya wrote:... if it is an alternative, then why to use two mechanism to maintain the session? we can only use url rewriting right?

You can use cookies not only to manage session ID but to transfer other small pieces of data back and forth so we need cookies . And for the seesion tracking URL rewriting works (only if you have asked the container to do so, of course) only if the cookies fails.
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anu satya wrote:ok. can you please give example? i am pretty sure.....how to do that keeping both cookie and URL rewriting......

then, how to differentiate the data in JSP, which is coming from URL rewriting and cookies?


When writing your JSP's, instead of putting the url plain into the code, you use the c:out JSTL tag that does the rewriting for you automatically.

This is what happens.

- A new client opens your website
- All URL are encoded because no session exists yet so there is no cookie the client can serve to the server
- The cookie containing the session id is sent back to the client together with the page response (At this time both url rewriting and cookies are in force)
- It is up to the client to either store or ignore the cookie
- Upon the next request, the session id will be transferred in the URL query string in any case, and - if the user accepts cookies - also the cookie will be transferred
- the container evaluates whether or not a cookie has been sent and skips url rewriting from here on

got the idea ?

there are two functions called isRequestedSessionIdFromCookie and isRequestedSessionIdFromURL on the request object.
 
Water! People swim in water! Even tiny ads swim in water:
the new thread boost feature brings a LOT of attention to your favorite threads
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!