> From: Lung Chan [mailto:[EMAIL PROTECTED]
> I'm pretty new in web design, but why can't you use cookies to
> do what you want?
If you do, you have two approaches:
- Store all the session data in the cookie, and pass that back and forth
on each request and response. This eliminates the need to store session
state on the servver, is liable to being sniffed or altered in transit
(so don't trust any of the data in the cookie to be safe), and
potentially contains a lot of data.
- Store all the session data on the server, and issue a cookie (Tomcat
uses JSPSESSIONID as I recall) containing only a small key to that data.
This is more common, but the server has to guess at when it is safe to
discard the stored session data.
- Peter
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
