• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Cookies

 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi friends

Where the cookies are created and stored in servlet technology?


Is the cookies created for every request?

can anyone please explain me clearly?

thanks in advance.....
 
Ranch Hand
Posts: 147
Eclipse IDE Tomcat Server Debian
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"Cookies" are an HTTP technology, more protocol than programming language. See http://en.wikipedia.org/wiki/HTTP_cookie for the gory details. Cookies live in the exchange between server & browser, tokens passed back and forth with each request & response. They only support textual data. Data in Cookies is exposed with each request & response, so it is a very bad place to store sensitive information.

Within Servlets & JSP, we use HttpSession, which encapsulates the low-end details of working with the Cookie. When using an HttpSession, only a unique identifier is passed back and forth in the Cookie, and session attributes (which can be any java object) are stored in memory by the server. These attributes are never sent with the request & response (unless you write your program to do so), so it's more secure than data in a Cookie.

Generally in Servlets & JSP, there is no need to deal directly with the Cookie. The exception is when you need to exchange simple, non-sensitive data with another web application.
 
Pratap gogireddy
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks pete

But I read in the HEAD First book


HttpSession session=request.getSession();


when we call the above method Container do the following things

it creates a new HTTP session object

it generates a new Session id

it make a new COOKIE Object

it associate the Session ID with the cookie

it sets the cookie into the response header by using SET-COOKIE Header

That means we can say that the COOKIES are created by the container or web server for the stuffing the session id and sent back to the client and saved at the client side for further use.

Is this right pete? please clarify this one.

thanks in advance.





 
reply
    Bookmark Topic Watch Topic
  • New Topic