Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Session management Cookies  RSS feed

 
vijay jacob
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Session management using cookies.

Basically i understand cookies would be written at the server side in the servlet into the response.
On every request this cookie array would be sent to the server.

So when a new session is stated , the session id is captured and stored in the cookie on every request the session id is checked.If it is a shopping cart example , the objects in the cart is stored in the cookies.

My question is how does the removal of old cookie happen next time the user logins , he might be having diffrent things to purchase and he need to get rid of the old cart cookie.
Also how does he identify every time it is the same session ? does he cross check on the session id stored.?
 
Ishan Pandya
Ranch Hand
Posts: 228
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
vijay jacob wrote:
My question is how does the removal of old cookie happen next time the user logins , he might be having diffrent things to purchase and he need to get rid of the old cart cookie.


I think after pressing the logout button the developer removes the cookie manually. So when he logins again he will get a new cookie.
and on every request after a user has logged in the, browser that is client sends the JsessionId in request header and server uses that id to identify the client.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66142
141
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, the session cookie is not handled directly by the developer.
 
vijay jacob
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Basically "JSessionId" cookie on to which the session id is stored and this is the id which is used to identify the session .
1. who store this id?

Also referring to the cart example , we have the item stored into the session object. And on each new request the server recognises the session object from this cookie . And keeps adding to the session object any new items selected. Am i right with this.

Where cookie is diabled , we Take the URLRewriting so it help us to track the session . The same session obj stuff happed here too..
 
vijay jacob
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
@Bear B Thanks for your reply.

Hope you can help me with the last post.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66142
141
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes. All the session management is handled by the container.
 
Ishan Pandya
Ranch Hand
Posts: 228
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
vijay jacob wrote:

Basically "JSessionId" cookie on to which the session id is stored and this is the id which is used to identify the session .
1. who store this id?


As bear bibeault said session ID is managed by the container. But this Id is stored in request and response object.

vijay jacob wrote:
And on each new request the server recognises the session object from this cookie . And keeps adding to the session object any new items selected. Am i right with this.


I dont think it is true.. Any comments bear?

Where cookie is diabled , we Take the URLRewriting so it help us to track the session . The same session obj stuff happed here too..


Yes but we append JSession ID thorugh code manually.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66142
141
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ishan Pandya wrote:Yes but we append JSession ID thorugh code manually.

No, we don't. There are methods in the servlet API to handle that as well. Bascially, we don't do anything manually to maintain the session.
 
Ishan Pandya
Ranch Hand
Posts: 228
Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes i was actually talking about the method encodeUrl() which appends the JSession ID to the URL.
 
vijay jacob
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe we just use the encodeURL API for URLRewriting.
 
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!