File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Session vs Cookie objects Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Session vs Cookie objects" Watch "Session vs Cookie objects" New topic
Author

Session vs Cookie objects

mo sayed
Ranch Hand

Joined: Jan 25, 2006
Posts: 88
Hi,
I'm currently reading Sessions chapter in HFSJ, and seek clarification
in the differences between Session and Cookie objects. Specifically I'd like
to understand when you would use either. According to the text, a session is
managed by a Cookie; Yet there exists two distinct objects, a Session object and a Cookie object. Why would I want to use a Cookie object when a Session object offers more, i.e. we are constrained to storing String values in a cookie and objects in Sessions? Why not just use session objects to store information.
regards,
Mo
SCJP 1.4, Father of 3 rascals


<a href="http://moongrails.blogspot.com/" rel="nofollow">grails</a>
Martyn Clark
Ranch Hand

Joined: Apr 16, 2005
Posts: 108
Hi,
Is it not that you can have cookies persist on the client but a session cookie is gone once the session is over if you started a new session it would have a new JSESSIONID. Session cookies are done automatically where custom cookies are set by the developer. You only really want to be using a session when it is needed.


Martyn...<br /> <br />SCJP 1.4 SCWCD 1.4
Anbu Rajendran
Greenhorn

Joined: Aug 09, 2006
Posts: 18
You can put more info into a cookie than just the session-id.
For e.g., a website might put a cookie with your name in it.
This cookie is stored in your pc.

When you return to the website, several days after the session
is terminated on the server, the browser sends the cookie info
to the server. So you might see a welcome message saying
"Welcome back Tom Cruise".

In short, cookies live longer than sessions.
Jiji Cherian
Greenhorn

Joined: Aug 10, 2006
Posts: 18
Session and cookies are used in different scenarios.
Session is primarly used for keeping the client state across different client requests. Since HTTP is stateless there is no way for a container to know from which client the request comes from. To track this there are two ways,
1. Cookies
2. URL rewriting

When a client first makes a request, a session is created in the server and associated with the client. This is accomplishe by giving the session an id. and passing this is back to the client. This id is passsed as a cookie in the response. When the client again sends a request it sends the session id with the request. Now the server looks for a session object with the same session id. if there exists a session with the same session id. it associates the client with that session. Which means the client can get the attributes from the session which is set as part of the previous request.

Hence cookies are a way to implement session management.

Hope it helps.
[ August 11, 2006: Message edited by: Jiji Cherian ]
mo sayed
Ranch Hand

Joined: Jan 25, 2006
Posts: 88
Guys,
Thanks for the explanations. Things look a bit clearer now.
TO reiterate, cookie objects are used for storing state information
across a number of sessions, e.g. maintaining user details,
whereas session objects store information for a given session.
I guess the confusion arose, since the text in the book talked about
the JSESSIONID but I could'nt see the connection between session and
cookie objects, Thanks again.
regards,
Mo
SCJP 1.4
Jiji Cherian
Greenhorn

Joined: Aug 10, 2006
Posts: 18
cookie objects are used for storing state information
across a number of sessions


it depends. meaning you should programatically specify how long the cookie should live in the client machine.
For eg: a session cookie's life is same as that of a session. but the cookie information is stored in the client(harddisk) whereas as the session object are stored in server memory.

So i am restating your statement as,
cookie objects can be used for storing state information
across a number of sessions
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Session vs Cookie objects
 
Similar Threads
Allowing a Session to stay alive when browser closes
Session -Browser window
please tell me when to use Session and Cookie?
Session and cookies
When is a HttpSession object created by the Web Container