aspose file tools*
The moose likes Servlets and the fly likes cookie vs httpsesion object Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "cookie vs httpsesion object" Watch "cookie vs httpsesion object" New topic
Author

cookie vs httpsesion object

Neeraj Vij
Ranch Hand

Joined: Nov 25, 2003
Posts: 315
Hi,

which option is better in maintaing the sesion in a real time application.

cookies or session object ?

site will be having large no.of hits and will be deployed under a clustered environment.

thanks,
neeraj.
Cameron Wallace McKenzie
author and cow tipper
Saloon Keeper

Joined: Aug 26, 2006
Posts: 4968
    
    1

Well, an HttpSession is the server side component available in the Servlet and JSP API, and it's the one that pretty much every large site uses, so simply 'majority rules' would indicate the HttpSession.

But an HttpSession often uses a cookie on the client to plant an ID, so in most cases, they are part of the same solution, unless you are using URLRewriting.

Use the HttpSession. Don't mess around too much with cookies.

-Cameron McKenzie
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12789
    
    5
The only case in which I would even consider cookie(s) over a session would be if the "user state" to be preserved could be represented very compactly in short string(s) AND exposing the contents did not constitute a security problem. There are big limitations on how much cookies can store - search for rfc2965.

Bill
Neeraj Vij
Ranch Hand

Joined: Nov 25, 2003
Posts: 315
Hello,

Thanks for your inputs. If it is possible, please provide some more justification for using httpsession object over cookie.

thanks,
neeraj.
Cameron Wallace McKenzie
author and cow tipper
Saloon Keeper

Joined: Aug 26, 2006
Posts: 4968
    
    1

Why do I feel like I'm answering somebody's homework assignment?

Let's put it back on you. Why would you want to use a cookie, when the Servlet and JSP API provides you a much easier and reliable HttpSession?

-Cameron McKenzie
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: cookie vs httpsesion object