This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Are session attributes really stored in cookie?

 
Timothy Sam
Ranch Hand
Posts: 751
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thought they were stored server-side, but a friend told me that they are stored in browser cookies. Is this true? I happen to be saving the username and password in session scoped variable and this made me worry.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64182
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No. Session attributes are not stored in cookies.
 
Christophe Verré
Sheriff
Pie
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Things you add using addCookie() will be in a cookie, not session attributes.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64182
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your friend is confused. The session id is usually stored in a cookie. But this is just a value that allows the container to keep track of the session across requests. It in no way contains the values of session scoped variables.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic