wood burning stoves
The moose likes Servlets and the fly likes Session Management Query in Servlets Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session Management Query in Servlets" Watch "Session Management Query in Servlets" New topic

Session Management Query in Servlets

Vaibhav G Garg
Ranch Hand

Joined: Sep 23, 2011
Posts: 141

I was going through the HTTPSession usage to identify the user sessions. And, got to know that internally it uses COOKIES only to store the session and identify it. And, in most of my projects I have used the HTTPSession object only for session management. But, in case the cookies are disabled by the user, then how this works? Please suggest.

Abhay Agarwal
Ranch Hand

Joined: Feb 29, 2008
Posts: 1341

As far as I know, HttpSession, by default, uses cookie to pass the session ID in all the client's requests within a session. If cookie is disabled, HttpSession switches to URL-rewriting to append the session ID behind the URL. To ensure robust session tracking, all the URLs emitted from the server-side programs should pass thru the method response.encodeURL(url). If cookie is used for session tracking, encodeURL(url) returns the url unchanged. If URL-rewriting is used, encodeURL(url) encodes the specified url by including the session ID.
I agree. Here's the link: http://aspose.com/file-tools
subject: Session Management Query in Servlets
It's not a secret anymore!