"Godbey, David" wrote:
>
> A colleague of mine objects to using session objects to stash information
> because he claims it bloats the servlet environment. He prefers, instead, to
> stash the info in the cookie.
>
> What is the conventional wisdom on this?
My opinion is that enough people thought Sessions were a useful tool, and one
should use them where it makes sense. There are times when cookies will be
sufficient, but there are situations where sessions should be the tool of
choice.
Cookies can be used when the information
- is in the form of Strings, or can be easily converted to Strings
- is not excessive; the cookie spec requires browsers to store only a minimum of
20 cookies per server, 4096 bytes per cookie (see
ftp://ftp.isi.edu/in-notes/rfc2109.txt). Okay, that's 80K of information, but
it's still a limit.
So, you should use sessions (or something similar) in the following cases:
- The data to be stored exceeds 20 cookies or 4096 bytes
- The data cannot be converted to a String. If the data is an object, you must
store it on the server side
- You want to provide persistent user experience no matter where the user logs
in from. For example, web email services advertise world wide accessibility
using the web. However, if you store session information on a browser, each time
the user logs in from a different browser, the user has to reset all their
preferences. If this information is stored on the server, then they get the same
user experience from every browser
KMukhar
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
