• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Confusion between Cookie and JSession

 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I learning about sessions and cookies,
i create a cookie and set the cookie without creating any Session .
I checked the cookie in the browser and i see the following.
cookie : CooName="cookie value"; JSESSIONID=BD102D632EFF38F4B0BD08BAD3F0FF88
I was confused by this...
I created only a cookie and sent it to the client. But i did not create any session. Then from where did the JSession thing come in to picture...
What is that i am missing???

 
Sagar Rohankar
Ranch Hand
Posts: 2907
1
Java Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I checked the cookie in the browser and i see the following.

Checked on the browser, mean are you printing out cookie on JSP page, if yes, then see if you had explicitly disable the session on JSP page or not.
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If no Cookie contains a session ID, the Container generates a new one and put it into the Cookie for you.
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmmm.. so you mean to say that if i create a cookie but without a session then the container will create a session and put that cookie in the session and send it to the client.
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sony Agrawal wrote:Hmmm.. so you mean to say that if i create a cookie but without a session then the container will create a session

Yes
Sony Agrawal wrote:and put that cookie in the session and send it to the client.


Little Correction: session into Cookie . in other word Cookie contains Session ID
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sony Agrawal wrote:put that cookie in the session and send it to the client.

Sorry for that
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But what is the need for creating that session ??
Can you give an example regarding the use of such sessions??
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, HTTP is a stateless protocal . For more details google for *Session Tracking* .
 
Sagar Rohankar
Ranch Hand
Posts: 2907
1
Java Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hmm, that's mean container attached the session-id to the any cookie generated from the web app, so that when browser send the cookie back with the next request, the container and eventually the web app has some mean to recognize whose cookie it is ? Am I right?
 
Chinmaya Chowdary
Ranch Hand
Posts: 434
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, Sony.

Can you please post, how you are accessing parameter "Name" in servlet, through html form or jsp?
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
seetharaman venkatasamy wrote:Well, HTTP is a stateless protocal . For more details google for *Session Tracking* .

I understand that ..... but what if a apllication just want to know the name of the person who is browsing the site . In such a suitation the application would request for the name and set that as cookie and use the cookie to put that person's name in further pages(like in the right top corner)???
In such a suitation cookie are just enough ...right???
 
Sagar Rohankar
Ranch Hand
Posts: 2907
1
Java Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sony Agrawal wrote:But what is the need for creating that session ??

I think, my previous reply answer this,
Sagar Rohankar wrote:the container and eventually the web app has some mean to recognize whose cookie it is.

But I'm not sure here
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Chinmaya Chowdary wrote:Can you please post, how you are accessing parameter "Name" in servlet, through html form or jsp?

I am using JSP ... Why???
 
Sagar Rohankar
Ranch Hand
Posts: 2907
1
Java Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sony Agrawal wrote:I understand that ..... but what if a apllication just want to know the name of the person who is browsing the site . In such a suitation the application would request for the name and set that as cookie and use the cookie to put that person's name in further pages(like in the right top corner)???
In such a suitation cookie are just enough ...right???

And what if two persons having the same name browsing from different geographical area ?
That's why Seetharaman pointed out "HTTP is stateless protocol", container need some mean to recognize the previous request/s.
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
And what if two persons having the same name browsing from different geographical area ?

How does it matter
I am picking the name of the person from the cookie that i got from the request???
By the way i am not even storing the name anyevery??

 
Chinmaya Chowdary
Ranch Hand
Posts: 434
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suppose if we send request for jsp form, 'form.jsp', container/server implicitly creates session object and and gets the id from that object, encapsultates it into cookie object and sends it to the client. Now we have one JSESSIONID cookie
JSESSIONID=BD102D632EFF38F4B0BD08BAD3F0FF88
in the browser.

Now we fill the form and send the request to the container. This time servlet creates the cookie and sends it to the client. Now browser is having another cookie
CooName="cookie value"
. Finally browser is having two cookies.
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Chinmaya Chowdary wrote:Suppose if we send request for jsp form, 'form.jsp', container/server implicitly creates session object and and gets the id from that object, encapsultates it into cookie object and sends it to the client. Now we have one JSESSIONID cookie in the browser.

Hmmm.. i just tried it.... And it creates session object for JSP and not for html... But still i am not clear why we need a session ... like in the suitation that i said before
 
Chinmaya Chowdary
Ranch Hand
Posts: 434
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sony wrote: Hmmm.. i just tried it.... And it creates session object for JSP and not for html... But still i am not clear why we need a session ... like in the suitation that i said before


I think you are asking, why jsp creates implicit session object. If a client participates in a session, inorder to identify the client every time container has to check through the code . And most of the time client acesses jsp's. I think inorder to avoid this repeated code, container creates session implicit object.
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Lets have an application which has ONLY two pages...
1. one.html
2. two.jsp

and a servlet which sets the cookie

In one.html, i request for the person's name. and use the servlet to set the cookie and somehow i sent the cookie to client. Now another request comes for the two.jsp page , which accepts the cookie and print the name in the JSP page.

Now whats the need for creating the session object in this applicaton?
 
Chinmaya Chowdary
Ranch Hand
Posts: 434
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suppose we send a request to the 'One.html' form and the Container send's it to the client. We fill the form by providing entries 'Name' and 'Password' and sends it to the container. Now the servlet creates session object, gets the 'Name' from the form encapsulates it into the cookie and sends it to the client. Now the connection between container and client terminates, since HTTP is stateless protocol.

Now another request comes for the two.jsp page , which accepts the cookie and print the name in the JSP page.

Now how two.jsp page accepts the cookie, without creating session object at the two.jsp side? Inorder to identify it has to create session object. Which decides the particular client.
 
Sony Agrawal
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
html




Servlet:



Intermediate html(qwerty.html)



Final JSP




This what i have done.... i would like to know why a session is need here?
 
Chinmaya Chowdary
Ranch Hand
Posts: 434
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here final jsp don't require creating session object. While writing the program we know this logic. If we don't need session implicit object, declare in jsp as
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sagar Rohankar wrote:the container and eventually the web app has some mean to recognize whose cookie it is
But I'm not sure here


it wont care Cookie . instead session id which is inside the Cookie . Through the session Id , it will regonize a client.
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sagar Rohankar wrote:
And what if two persons having the same name browsing from different geographical area ?


if two persons are accessing a web application with same userid/password , they are consider two different session.
 
Satya Maheshwari
Ranch Hand
Posts: 368
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To summarize:

In servlet, jsessionid would not be set in the cookie, unless you explicitly create an HttpSession
In JSP, jsessionid would always be set in the cookie, unless you explicitly prevent creation of an HttpSession
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic