This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Servlets and the fly likes Session Management Query in Servlets Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session Management Query in Servlets" Watch "Session Management Query in Servlets" New topic
Author

Session Management Query in Servlets

Vaibhav G Garg
Ranch Hand

Joined: Sep 23, 2011
Posts: 140
Hi,

I was going through the HTTPSession usage to identify the user sessions. And, got to know that internally it uses COOKIES only to store the session and identify it. And, in most of my projects I have used the HTTPSession object only for session management. But, in case the cookies are disabled by the user, then how this works? Please suggest.

Thanks.
Abhay Agarwal
Ranch Hand

Joined: Feb 29, 2008
Posts: 1075
    
    1

As far as I know, HttpSession, by default, uses cookie to pass the session ID in all the client's requests within a session. If cookie is disabled, HttpSession switches to URL-rewriting to append the session ID behind the URL. To ensure robust session tracking, all the URLs emitted from the server-side programs should pass thru the method response.encodeURL(url). If cookie is used for session tracking, encodeURL(url) returns the url unchanged. If URL-rewriting is used, encodeURL(url) encodes the specified url by including the session ID.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Session Management Query in Servlets
 
Similar Threads
help with cookie
HFSJ Page 231, under 2nd Heading
ServletContext, PageContext HttpSesstion and HttpServletRequest
Session data passed through header line or body ?
New Session Created Randomly in Tomcat 5.0.28