> Hi,
> 1. I have used the code below to get hold of the cookie concept using
> servlets. I am using JWS1.1.3. I took ideas from Jason's book(its
explained
> really well). I am submitting a form using GET method . A servlet runs in
> response to form submission. This servlet checks whether a cookie with
name
> "sessionid" is sent from the client. If it finds it, then it displays a
> message 'cookie recieved from ur PC' else if it does,nt find any cookie
> with name "sessionid" from the client, it sends one to the client with
> message 'cookie has been set on ur PC'.
Why are you checking for a session id cookie? HttpSession session =
req.getSession(true)
resp.encodeUrl will satisfy your needs for session ids. Not all servlet
engines produce a
cookie called sessionid either so your code is no longer portable.
> 2. I observed that a file sk.txt gets created in JWS's root
> directory(JavaWebServer1.1.3). It contains encrypted data like
> -919119932375905. I suspect that this is the file which JWS creates for
any
> cookies. Can somebody confirm this ? Few related questions are
Depends on the web server/servlet engine
> 3. Does the browser chooses the file name for cookies , or the servlet
> sends it to the browser. I think this is the functionality of the browser.
> The browser sees cookies in response headers, and stores them on the
client
> PC with some random file name.
Browsers store the cookies on the client machine with a name made up from
the url of the site that the cookie
was sent from AFAIK.
> 4. Why does the cookie file gets created in the JWS installation directory
> ? The client does not have JWS installed! So by default cookie should get
> stored in c:\windows\cookies if I am running Win95 or in some other system
> directory for other operating systems.
Are you running the browser on the same machine as the web server? If so
then
you will have cookies stored there. The browser will always store cookies in
the same
place otherwise.
> Craig or somebody else can share his experiances over my doubts ? I hope
> Jason would not mind me pasting some lines of the code from his book !
>
> -mukul
>
As a general rule the cookies you send to the client will only be stored on
the client. It may well be
that JWS uses a temp store to build the cookie objects. It may well be that
what you are seeing is
in fact the place where session objects are stored as well and has nothing
to do with cookies you
send to the browser (which are persistent at the client but transient at the
server.
Those numbers you see are probably the keys into a hashtable like structure
that is the session object
serialised store. Servlet session tracking uses either a session id cookie
(JRun uses the default name jrunsessionid btw)
OR a parameter that is tacked onto the end of any URL's produced by the
servlet (encodeUrl(String url) does that for you).
Other cookies you generate from servlets are handled exactly like cookies
you could produce using Javascript etc. It has to
be this way otherwise the browsers would not know what to do with them.
Don't be too concerned about where they are stored and how they are handled
by the browser as things will be done
properly. Learn how to use them (and when not to as well, people still don't
trust cookies and switch that setting off in their
browsers and then complain about cookie storms) and let the browsers look
after the rest of the details for you.
Look at session objects as well.
Hope that helps
Andy Bailey
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
