• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Help Regarding Cookies and session

 
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HI,
In my project I want to Keep track of the user name until the user Logs out.
I want a suggestion which one is to be used to track the current user
Either Cookies concept or session object.

Can anyone give me suggestion for this?

Thanks a lot
 
Ranch Hand
Posts: 69
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sessions are maintained on the server so do not allow a client to tamper with the session data.
Cookies are maintained on the client so they can be tampered with.
 
Ranch Hand
Posts: 116
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Its as simple as putting the user name in session.
 
Santhana Lakshmi.S
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,
thanks for your reply.
I am using the session like this only to keep track of username.
But if user updates anything in that page it is not getting reflected in the page.
And also if another user logs-in and the user is getting the first logged in user's page.If the user refresh the page,it is showing the current user'spage.
How to avoid reflection?I tried by setting maxInactiveinterval to the session object.It is also not working.
I want to know the proper way to track session object.In what way the setMaxInactiveInterval will help me in avoiding this reflection?

Thanks a lot
 
Ranch Hand
Posts: 213
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Santhana ,

The Page where you want the user to logout , does it terminate the session on that page ? i.e are you invalidating the session ? Because if the session timeout period has not got ended and the user just closes the browser , the server DOES NOT terminate the session and then someone again opens the same page the previous user was browsing , then he / she can definately see what the previous user was indeed seeing.

So , Its better to invalidate the session and forward the user to login page once session has expunged.

You can check the HttpSession interface for more details on this.

Yogendra Joshi.
 
reply
    Bookmark Topic Watch Topic
  • New Topic