• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

session tracking

 
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
cookies are small files that are sent by the server/servlet to reside in the clients computer...
... how about session tracking using HttpSession??? dose it also resides in the client???
 
Ranch Hand
Posts: 47
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
AFAIK HttpSession chooses by itself which method of tracking to use - if the client allows cookies, it will use them. If not, it will manage the session server side.
Cookies is the most effective way of tracking - but it depends on what extent you want to track - the session, the request, the application lifetime etc. HttpSession is ideal for session tracking - Cookies are better for Application tracking such as a user disconnecting from a dial up, and connecting a few days later - if the user has not flushed his cookie bin, then you can still recognise him.
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A couple of points I'd like to clarify:
Firstly, cookies aren't files sent by the server, they are sent as text in the HTTP header and then saved as a file on the filesystem if required - they don't always get saved.
The cookies used for HttpSessions are usually session cookies, and for security reasons they don't usually get written to the file system (ie only memory-resident), but this is browser specific behaviour.
If the browser is closed, memory-resident session cookies are lost and you no longer know who the user is.
Unless you specifically write some user data to a persistent cookie, and then only if the client accepts it, there is no way to track users from one day to the next. For eample, javaranch writes the userId as a cookie which gets saved to the filesystem. This is why you don't have to login each day.
Dave
 
Benjoe Reyes
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
so basically it is my choice as to what to use, right??? since it is not always possible for a persistant cookie i have the option to use HTTPSession... i'm just folowing some projects from deitel&deitel and they gave examples doing both:
1. Cookie cookies = new Cookie(name, value)
response.addCookie(cookies)
2. HttpSession session = request.getSession(true)
session.putValue(name,value)
cookies get added to the response thus to the client HTML but session doesn't... am i getting it write???
[ November 27, 2002: Message edited by: Benjoe Reyes ]
 
Ranch Hand
Posts: 2676
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HttpSession controls how the session is tracked. It generally uses cookies, but if the browser will not accept cookies it will use url encoding. You do not need to worry about instantiating a cookie or encoding a url because HttpSession takes care of that for you.
 
reply
    Bookmark Topic Watch Topic
  • New Topic