please tell me when to use Session and Cookie?

Since I created one session & as we say that session store at server side that means if I clear browser cookie thereafter it should show me my login use as logged in but when i cleared the cookie then my user logged out that means there is something behind session with cookie so please tell me what is relation between cookie & seesion ?

Please also give example as when should I use session & when should I use cookie, url rewriting, hidden form field ?

Since I read the entire description but always gets confused while choosing any one like if we clear cookie then session also gets expire so why not use cookie ?

Please explain with real life example for better understanding...

Thanking you..

sachin santaji wrote:Since I created one session & as we say that session store at server side that means if I clear browser cookie thereafter it should show me my login use as logged in but when i cleared the cookie then my user logged out that means there is something behind session with cookie so please tell me what is relation between cookie & seesion ?

The session is stored at the server, true. However, the browser often uses a cookie to identity the session. For Tomcat, the cookie name is JSESSIONID. If you clear the cookies then the browser will not send this cookie, and the server doesn't know that the old session should be used. It therefore creates a new one.

Since I read the entire description but always gets confused while choosing any one like if we clear cookie then session also gets expire so why not use cookie ?

Because cookies have more limitations on what they can store. For instance, it can only store text, whereas sessions can store any object that's serializable. (Perhaps serializable isn't even required, can't remember.) Cookies are also quite limited in the amount of data they can store, whereas sessions are limited by server memory only.

Hi Sachin,
Welcome to JavaRanch!!!

Few examples how I understood cookies..

example 1. Problem statement: an online shopping cart, say you added 5 items in the basket but you did not buy them. Tomorrow when you come back and continue shopping your old basket with 5 selected items is required. There are couple of solutions for this problem
i. Save all the selected items in the DB and retrieve when you re-login
ii. Save all this content in the cookie in form of text and make it readily available
Say for something like this which is not the data I should secure, I would rather share the responsibility of this request at both the client and the server. I save the data in cookie and retrieve whenever required. I use session when the state should be only maintained until the user quits the current session. Additionally, the cookie can be disabled from the client end, but the server needs some information that needs to be transferred or retrieved like when cookie is available, so show to proceed? There comes the URL rewriting.
Commercial sites/forums etc.. which doesn't require much of information security uses cookies for storing user authentication data as well.

example 2. Few search engines and few other sites use cookies for better/intelligent marketing purpose. Like if I search for search for online cameras, this information can be stored in cookie and next time when I am searching something else, I recieve ads related to cameras since that is one of my interest. Well this good for me since its like a short cut for me, its good for the provider since makes some good business

example 3. The best one I experienced. Few months back I booked a bus ticket online (it doesn't have any login). Last week I again opened the same site for booking tickets, the source and destination are pre-populated. Then I looked into the cookie and got the picture, it made my job easier though

Thanks Rob Spoor for your useful answer..It helps me lot.

Thanks Shankar Tanikella for your valueble answer.....You have given very good example....It helps me lot.

@shankar good explanation, So you are not cleaning browser since four monts I would like to know bus reservation site.

Mohana Rao Sv wrote: So you are not cleaning browser since four monts

He he he, I never clean it up at all, not that I am reckless, truly speaking I don't have anything to loose and little lazy as well.

Ha! lets see the cookie information of the bus site I use. I have shown the content of only 2 cookies


@sachin, see the info stored explains it all.