Saturday, February 18, 2017

How Cookies are works in Servlets

A Cookie is a small text file that is stored on the client system. When we create a Cookie it provides a small amount of information sent by the servlet to a web browser,saved by the browser,and later sent back to the server. Cookies are most often used to keep track of the client session. Most servers will automatically create a cookie when a new session is created. The Cookie will contain session ID and will be set to expire as soon as the client browser has been closed.

In both Servlets and JSP  cookies are accessed through HttpRequest,sent to the client through the HttpResponse and encapsulated as javax.servlet.http.Cookie objects

 create a Cookie:

To create a new Cookie,simply instantiate the Cookie class by passing both name and the value. Here name and value means, A cookie is simply a single name-value pair are string objects. A cookie may also be configured with one or more characteristics that are set using setxxxxx() methods. They are

Domain: The Domain attribute specifies a web domain that should receive the cookie(Ex:http://learnprogramingbyluckysir.blogspot.com).By default this property is set to the domain that created the cookie.

MaxAge: You can set the Cookie lifespan (in seconds). If you set the value is zero or negative,the cookie will be destroyed when the browser is closed.

Secure: If this flag is set to true, the cookie will be sent only if a secure protocol such as HTTPS or SSL is available.

Example:
Cookie myCookie = new Cookie("Cookie", "nakuri");
myCookie.setSecure(false);
myCookie.setMaxAge(60*60*24*7); //one week
//add the cookie to the response object.

res.addCookie(myCookie);

How to Read Cookies:

If you have created a cookie for a particular page or set of pages, the client will automatically append the cookie to the HTTP header when it requests the page again. If the cookie has expired, of course, it will not be included.

When a client returns a cookie, you can access it through the HttpRequest.getCookies() method. This method returns an array of Cookie objects. 

You can iterate through the array with a simple for loop:

Cookie[] myCookies = req.getCookies();
for (int i=0; i<myCookies.length; i++) {
out.println("Cookie name: " + myCookies[i].getName());

out.println("Cookie value: " + myCookies[i].getValue());
}


How to create Cookies with multiple values:

The cookie definition specifies a single name-value pair. However, there is nothing that prevents you from concatenating several variables into a single value. This will save you the overhead of building and accessing multiple cookies, but it will cost you in terms of building and using a string parser to separate out the values. Most cookie values comprised of

concatenated values use the “&” character as a separator.


Is Cookie really provide security:

There is no doubt cookies considered unsecured data storage. User can easily modify or erase any cookie at any time. Cookies never contain unencrypted password and other privileged client data. 

You should use Session attributes instead of Cookies. Cookies are depends on client settings and may slow down your web pages. So Session attributes provides faster page access. But if you are expecting a large number of simultaneous website hits,session attributes require so much memory and you probably need to use  Cookies.
  
Recommended to Read : 

TOP 20 Servlet Interview Questions
Top 30 JSP Interview Questions
Struts  Interview Questions
JDBC Interview Questions and answers
TOP 20 SQL Query Interview Questions

No comments:

Post a Comment

High Paying Jobs after Learning Python

Everyone knows Python is one of the most demand Programming Language. It is a computer programming language to build web applications and sc...