Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Storing MySQL data in http session attribute?  RSS feed

 
hayder ma
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is it feasible to store SQL user data (name, age address..etc) in session attributes in servlet/JSP after user login? Is it common practice?, should I use cookies instead? what is a common practice
 
Jeanne Boyarsky
author & internet detective
Sheriff
Posts: 37241
519
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hayder,
Welcome to CodeRanch!

Storing info that is used on many pages makes sense to store in the session such as the user's name. I can't imagine you use the address that often so it might be better to look it up each time.
 
hayder ma
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you .
 
Tim Holloway
Bartender
Posts: 18709
71
Android Eclipse IDE Linux
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Store anything you want quick access to in the HttpSession. Doesn't matter where it comes from, SQL, LDAP, radio messages from outer space, whatever. But remember that those stored items occupy memory, so the total RAM requirements for the server are going to multiply on the order of #concurrentsessions X bytespersession, Do remember, however, that if the original data source changes values that the session data won't follow the changes.

Some servers - including database servers - may have local data caching. That can be almost as fast as directly storing in the session and may even work better if multiple sessions are concurrently reading and updating.

Generally speaking, don't store sensitive data in cookies. Cookies can be hacked on the client side. Plus sending cookies back and forth adds to the total amount of network traffic. For best response and greatest security, data should remain on the server.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!