difference HttpSession and HttpCookie

Discussion in 'Java' started by xarora, Aug 4, 2005.

  1. xarora

    xarora Guest

    Hi !

    Just started learning Java Servlets and so I have a newbie question:
    What's the difference between:
    HttpSession session = req.getSession(true);
    and
    res.addCookie(Cookie) ?

    It seems both are used to track session. So, are they both doing the
    same thing ?

    I read an article "Servlet Essentials" from
    http://www.novocode.com/doc/servlet-essentials/chapter2c.html .

    "It says Cookie is a string (in this case that string is the session
    ID) which is sent to a client to start a session. If the client wants
    to continue the session it sends back the Cookie with subsequent
    requests."

    And then it describes HttpSession session = req.getSession(true);

    So, does this mean this line of code is creating a cookie (if it
    already doesn't exist). And we could replace that line with
    res.addCookie(Cookie) ?

    I am just learning Java Servlets etc. so I have all the newbie
    questions ! Your help would be greatly appreciated.

    Thanks a lot!
    xarora
     
    xarora, Aug 4, 2005
    #1
    1. Advertising

  2. xarora wrote:
    > Hi !
    >
    > Just started learning Java Servlets and so I have a newbie question:
    > What's the difference between:
    > HttpSession session = req.getSession(true);
    > and
    > res.addCookie(Cookie) ?
    >
    > It seems both are used to track session. So, are they both doing the
    > same thing ?
    >
    > I read an article "Servlet Essentials" from
    > http://www.novocode.com/doc/servlet-essentials/chapter2c.html .
    >
    > "It says Cookie is a string (in this case that string is the session
    > ID) which is sent to a client to start a session. If the client wants
    > to continue the session it sends back the Cookie with subsequent
    > requests."
    >
    > And then it describes HttpSession session = req.getSession(true);
    >
    > So, does this mean this line of code is creating a cookie (if it
    > already doesn't exist). And we could replace that line with
    > res.addCookie(Cookie) ?
    >
    > I am just learning Java Servlets etc. so I have all the newbie
    > questions ! Your help would be greatly appreciated.
    >
    > Thanks a lot!
    > xarora
    >


    What is missing from the text you quote is that the servlet container
    tracks the session with a specific cookie. You should not interfere
    with that cookie, i.e., you should let the servlet container set it
    automatically.

    The HttpServletResponse.addCookie() method will allow you to add
    additional cookies to the client browser, assuming the browser supports
    cookies and is not configured to reject them.

    Ray

    --
    XML is the programmer's duct tape.
     
    Raymond DeCampo, Aug 4, 2005
    #2
    1. Advertising

  3. xarora

    xarora Guest

    Ramond, Thanks.

    So does this mean that HttpSession session = req.getSession(true); will
    add a cookie, and it will be tracked by the container (by that you
    mean, Tomcat, since thats what I am using).

    And HttpServletResponse.addCookie(­) method will allow me to add
    cookies 'in addition' to to the one which has been set by
    req.getSession(true) method ?

    Meaning , I should use both these methods in an application ?
    req.getSession(true) to track the client browser. And
    HttpServletResponse.addCookie(­) to store additional information (such
    as items in shopping cart) ?

    Thanks again.

    xarora
     
    xarora, Aug 4, 2005
    #3
  4. xarora wrote:
    > Ramond, Thanks.
    >
    > So does this mean that HttpSession session = req.getSession(true); will
    > add a cookie, and it will be tracked by the container (by that you
    > mean, Tomcat, since thats what I am using).


    That is one implementation and the most common.

    >
    > And HttpServletResponse.addCookie(­) method will allow me to add
    > cookies 'in addition' to to the one which has been set by
    > req.getSession(true) method ?


    Yes

    >
    > Meaning , I should use both these methods in an application ?
    > req.getSession(true) to track the client browser. And
    > HttpServletResponse.addCookie(­) to store additional information (such
    > as items in shopping cart) ?
    >


    It depends on where you want the information stored and other
    considerations. Storing an entire shopping cart in a cookie may not be
    a good idea. Cookies should be small pieces of information.

    Here are the three common areas to store data about a client:

    1) Cookies - physically located on the client browser, may expire, may
    not be enabled, may be deleted by the client, will not be available if
    the client uses a different computer, can store text data

    2) J2EE Session - physically located on the server, in memory; will be
    deleted after a timeout period; can store Java objects; can be a
    resource drain if not used judiciously

    3) Persistent storage - usually a database; physically located on the
    server; permanent; usually stores primitive types

    You could use these to work together. E.g., a cookie to store the key
    in the database to get the client information, then cache some data from
    the DB in the session, etc.

    HTH,
    Ray

    --
    XML is the programmer's duct tape.
     
    Raymond DeCampo, Aug 5, 2005
    #4
  5. xarora

    xarora Guest

    I see. Thanks for the help!
     
    xarora, Aug 7, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    1
    Views:
    400
    intrader
    Jul 6, 2005
  2. Tim
    Replies:
    3
    Views:
    954
    Steve Claflin
    Sep 3, 2003
  3. =?Utf-8?B?UGF1bA==?=

    Datatypes: HTTPCookie and Strings

    =?Utf-8?B?UGF1bA==?=, Nov 7, 2007, in forum: ASP .Net
    Replies:
    3
    Views:
    341
  4. wei

    password and HttpCookie

    wei, Sep 29, 2003, in forum: ASP .Net Web Controls
    Replies:
    0
    Views:
    147
  5. wei

    password and HttpCookie

    wei, Sep 29, 2003, in forum: ASP .Net Web Controls
    Replies:
    0
    Views:
    111
Loading...

Share This Page