Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

how can i do sessions in java if some one disables cookies in my browser?

Tags:

java

jsp

cookies

servlets

I like to know if someone disables the cookies in my browser then cookies dont work for my browser then how can I do sessions in java. I am writing servlets for server side programming. Then how does my sessions work? How does it recognize the user? As JSESSION ID is stored in cookies...

like image 660
giri Avatar asked Jan 14 '10 16:01

giri

People also ask

How do I manage session if cookies are disabled?

config file that configures session state to use cookieless session identifiers. first of all session never stored at clinet side. only session id is been mentained which are in cookies and only when cookies are not disabled. If cookies are disabled at client side then we can shared sessionID through URL(query string).

How do you handle sessions without cookies?

The HTTP POST method provides an alternative to cookies to maintain session state. The HTTP POST method provides the same state information as would a cookie but has the advantage that it works even when cookies are not available. This method is not common in practice, but it is a good example to learn from.

Does session depend on cookies?

Sessions are cookies dependent, whereas Cookies are not dependent on Session. The session ends when the user closes the browser or logout from the application, whereas Cookies expire at the set time. A session can store as much data as a user want, whereas Cookies have a limited size of 4KB.

What if cookies are disabled?

Both sessions and normal cookies are normal cookies. If a user does not accept cookies, he cannot use any of the functionality enabled by them. Which means pretty much the whole internet would break for that user, which is why in this day and age there's virtually nobody who has cookies disabled entirely.

1 Answers

See HttpServletResponse encodeURL() and encodeRedirectURL().

These functions will rewrite your URLs appropriately to include the session information if the browser doesn't support cookies. Depending on what Java web framework you're using, these functions may be called automatically (as long as you use the framework's methods for writing URLs).

Note that this may not be desirable in all cases, due to the security and caching implications of making the session ID visible in the links. This page summarizes the issues much better than I can in this short space, and provides a way to disable this feature.

like image 161
ZoogieZork Avatar answered Oct 11 '22 10:10

ZoogieZork
Sign in to Comment

Related questions

Extract duplicate objects from a List in Java 8
Spring not overriding active profile from command line [duplicate]
Spring WebFlux Flux behavior with non streaming application/json
How to get multiple values for multiple keys from Hashmap in a single operation?
Flutter doctor results with "cmdline-tools component is missing"
iterate static int values in java
Equivalent code for instance method synchronization in Java
How many multiple "Eclipse Projects" is considered too excessive for one actual development project?
How do I test the availability of the internet in Java?
Best way to store Country codes, names, and Continent in Java
Why does my servlet stacktrace show "Unknown Source" for my classes?
Swing: Can't get JButton to update - repaint() not working
boolean.class?
In JSP, how to identify the type of Object present in a List?
Inconsistent behavior on java's ==
data type to represent a big decimal in java
Why is paint()/paintComponent() never called?
Is List<List<String>> an instance of Collection<Collection<T>>?
Load properties file in a java servlet deployed in JBoss as a war
Has anyone used Lua to build a web application? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!