Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Are session attributes really stored in cookie?

 
Timothy Sam
Ranch Hand
Posts: 751
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thought they were stored server-side, but a friend told me that they are stored in browser cookies. Is this true? I happen to be saving the username and password in session scoped variable and this made me worry.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64835
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No. Session attributes are not stored in cookies.
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Things you add using addCookie() will be in a cookie, not session attributes.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64835
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your friend is confused. The session id is usually stored in a cookie. But this is just a value that allows the container to keep track of the session across requests. It in no way contains the values of session scoped variables.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic