Win a 3 month subscription to Marco Behler Videos this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Storing MySQL data in http session attribute?  RSS feed

 
hayder ma
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is it feasible to store SQL user data (name, age address..etc) in session attributes in servlet/JSP after user login? Is it common practice?, should I use cookies instead? what is a common practice
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 37051
507
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hayder,
Welcome to CodeRanch!

Storing info that is used on many pages makes sense to store in the session such as the user's name. I can't imagine you use the address that often so it might be better to look it up each time.
 
hayder ma
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you .
 
Tim Holloway
Saloon Keeper
Posts: 18637
70
Android Eclipse IDE Linux
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Store anything you want quick access to in the HttpSession. Doesn't matter where it comes from, SQL, LDAP, radio messages from outer space, whatever. But remember that those stored items occupy memory, so the total RAM requirements for the server are going to multiply on the order of #concurrentsessions X bytespersession, Do remember, however, that if the original data source changes values that the session data won't follow the changes.

Some servers - including database servers - may have local data caching. That can be almost as fast as directly storing in the session and may even work better if multiple sessions are concurrently reading and updating.

Generally speaking, don't store sensitive data in cookies. Cookies can be hacked on the client side. Plus sending cookies back and forth adds to the total amount of network traffic. For best response and greatest security, data should remain on the server.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!