| Author |
Are session attributes really stored in cookie?
|
Timothy Sam
Ranch Hand
Joined: Sep 18, 2005
Posts: 746
|
|
|
I thought they were stored server-side, but a friend told me that they are stored in browser cookies. Is this true? I happen to be saving the username and password in session scoped variable and this made me worry.
|
SCJP 1.5
http://devpinoy.org/blogs/lamia/ - http://everypesocounts.com/
|
 |
Bear Bibeault
Author and ninkuma
Marshal
Joined: Jan 10, 2002
Posts: 56162
|
|
|
No. Session attributes are not stored in cookies.
|
[Smart Questions] [JSP FAQ] [Books by Bear] [Bear's FrontMan] [About Bear]
|
|
Christophe Verré
Sheriff
Joined: Nov 24, 2005
Posts: 14669
|
|
|
Things you add using addCookie() will be in a cookie, not session attributes.
|
[My Blog]
All roads lead to JavaRanch
|
|
Bear Bibeault
Author and ninkuma
Marshal
Joined: Jan 10, 2002
Posts: 56162
|
|
|
Your friend is confused. The session id is usually stored in a cookie. But this is just a value that allows the container to keep track of the session across requests. It in no way contains the values of session scoped variables.
|
|
 |
|
|
subject: Are session attributes really stored in cookie?
|
|
|
0
