difference HttpSession and HttpCookie

X

xarora

Hi !

Just started learning Java Servlets and so I have a newbie question:
What's the difference between:
HttpSession session = req.getSession(true);
and
res.addCookie(Cookie) ?

It seems both are used to track session. So, are they both doing the
same thing ?

I read an article "Servlet Essentials" from
http://www.novocode.com/doc/servlet-essentials/chapter2c.html .

"It says Cookie is a string (in this case that string is the session
ID) which is sent to a client to start a session. If the client wants
to continue the session it sends back the Cookie with subsequent
requests."

And then it describes HttpSession session = req.getSession(true);

So, does this mean this line of code is creating a cookie (if it
already doesn't exist). And we could replace that line with
res.addCookie(Cookie) ?

I am just learning Java Servlets etc. so I have all the newbie
questions ! Your help would be greatly appreciated.

Thanks a lot!
xarora
 
R

Raymond DeCampo

xarora said:
Hi !

Just started learning Java Servlets and so I have a newbie question:
What's the difference between:
HttpSession session = req.getSession(true);
and
res.addCookie(Cookie) ?

It seems both are used to track session. So, are they both doing the
same thing ?

I read an article "Servlet Essentials" from
http://www.novocode.com/doc/servlet-essentials/chapter2c.html .

"It says Cookie is a string (in this case that string is the session
ID) which is sent to a client to start a session. If the client wants
to continue the session it sends back the Cookie with subsequent
requests."

And then it describes HttpSession session = req.getSession(true);

So, does this mean this line of code is creating a cookie (if it
already doesn't exist). And we could replace that line with
res.addCookie(Cookie) ?

I am just learning Java Servlets etc. so I have all the newbie
questions ! Your help would be greatly appreciated.

Thanks a lot!
xarora
Click to expand...

What is missing from the text you quote is that the servlet container
tracks the session with a specific cookie. You should not interfere
with that cookie, i.e., you should let the servlet container set it
automatically.

The HttpServletResponse.addCookie() method will allow you to add
additional cookies to the client browser, assuming the browser supports
cookies and is not configured to reject them.

Ray
 
X

xarora

Ramond, Thanks.

So does this mean that HttpSession session = req.getSession(true); will
add a cookie, and it will be tracked by the container (by that you
mean, Tomcat, since thats what I am using).

And HttpServletResponse.addCookie(­) method will allow me to add
cookies 'in addition' to to the one which has been set by
req.getSession(true) method ?

Meaning , I should use both these methods in an application ?
req.getSession(true) to track the client browser. And
HttpServletResponse.addCookie(­) to store additional information (such
as items in shopping cart) ?

Thanks again.

xarora
 
R

Raymond DeCampo

xarora said:
Ramond, Thanks.

So does this mean that HttpSession session = req.getSession(true); will
add a cookie, and it will be tracked by the container (by that you
mean, Tomcat, since thats what I am using).
Click to expand...

That is one implementation and the most common.
And HttpServletResponse.addCookie(­) method will allow me to add
cookies 'in addition' to to the one which has been set by
req.getSession(true) method ?
Yes


Meaning , I should use both these methods in an application ?
req.getSession(true) to track the client browser. And
HttpServletResponse.addCookie(­) to store additional information (such
as items in shopping cart) ?
Click to expand...

It depends on where you want the information stored and other
considerations. Storing an entire shopping cart in a cookie may not be
a good idea. Cookies should be small pieces of information.

Here are the three common areas to store data about a client:

1) Cookies - physically located on the client browser, may expire, may
not be enabled, may be deleted by the client, will not be available if
the client uses a different computer, can store text data

2) J2EE Session - physically located on the server, in memory; will be
deleted after a timeout period; can store Java objects; can be a
resource drain if not used judiciously

3) Persistent storage - usually a database; physically located on the
server; permanent; usually stores primitive types

You could use these to work together. E.g., a cookie to store the key
in the database to get the client information, then cache some data from
the DB in the session, etc.

HTH,
Ray
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

axis web services and httpsession 0
httpCookie is null 4
[For Beginners)Difference between Java and JavaScript 3
Fading effect between play and play-over and pause and pause-over 0
How to check whether HttpSession is still valid? 5
Strange servlet exception 1
Getting the HTTPSession of a SOAP servlet? 0
Newbie to coding and wanting to learn 2

Members online

No members online now.
Total: 27 (members: 0, guests: 27)
Robots: 459

Forum statistics

Threads
473,768
Messages
2,569,574
Members
45,051
Latest member
CarleyMcCr

Latest Threads

Top