Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Alternate for Cookies and Session variables

Posted on 2006-05-10
23
Medium Priority
?
210 Views
Last Modified: 2010-04-01
Hi,
 Both Session Variables and Cookies require client to have cookies enabled on their computer. Is there any alternate which doesn't require cookies enabled and stores session values.
 
0
Comment
Question by:cool_baba
  • 12
  • 7
  • 3
  • +1
23 Comments
 
LVL 92

Assisted Solution

by:objects
objects earned 375 total points
ID: 16654592
0
 
LVL 19

Expert Comment

by:actonwang
ID: 16655228
>>Both Session Variables and Cookies require client to have cookies enabled on their computer
       
     A misconcept here. Actually session variables are stored ONLY in server side and have nothing to do with cookies or url rewriting.

    other than that, yes, as objects said , 2 ways to implement session:
    1. cookie
    2. URL rewriting so called jsessionid


acton
0
 

Author Comment

by:cool_baba
ID: 16656395
>> A misconcept here. Actually session variables are stored ONLY in server side and have nothing to do with cookies or url rewriting.
Its true that session variables are stored only on server side but it needs cookies enabled on client as it use a cookie called SessionID. A bit annoying but that is how it works.
  I am going to work on JSessionid I hope it doesn't require cookies enabled on client
 
Baba
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 92

Expert Comment

by:objects
ID: 16656437
url rewriting does not use cookies
0
 

Author Comment

by:cool_baba
ID: 16656516
Isn't it something like GET for HTML forms, with limitations on data transfer to the server. If anybody knows ViewState using the JSP.
 
0
 
LVL 92

Expert Comment

by:objects
ID: 16656596
basically just involves passing the session id in the query string
0
 
LVL 8

Accepted Solution

by:
colr__ earned 375 total points
ID: 16656848
If you use a session variable in your code, then if the clients browser has cookies disabled, then the J2EE container will automatically use URL rewriting - you dont need to worry about this though, you just use the session variabels as normal and the container sorts out the rest for you.

colr__
0
 

Author Comment

by:cool_baba
ID: 16657227
Colr__ I am using firefox. it doesn't allow session variables or use URL rewriting.
0
 
LVL 8

Expert Comment

by:colr__
ID: 16657547
Im using firefox too and Ive never had a problem with setting session variables. The session variabels are not 'allowed' by the browser, it is a function of the J2EE container. If you attemp to use a session variable, and the container detects that the browser wont accept cookies, the container will then use URL rewriiting. This all happens transparently to the browser.

As far as how URL rewriting works, I dont know that - Ive never came across a situation where Ive had to delve into the implementation of it - all you need to know is that session variables will work, how it does it is not important.

So, using session variables, it doesnt matter that your breowser may nor may not accept cookies, as if it doesnt, then the container will automatically switch to URL rewriting.

colr__
0
 

Author Comment

by:cool_baba
ID: 16658253
Use this code in mozilla firefox, with cookies disabled.

<HTML>
<BODY>
<FORM METHOD=POST ACTION="SaveName.jsp">
What's your name? <INPUT TYPE=TEXT NAME=username SIZE=20>
<P><INPUT TYPE=SUBMIT>
</FORM>
</BODY>
</HTML>

code for SaveName.jsp

<%
   String name = request.getParameter( "username" );
   session.setAttribute( "theName", name );
%>
<HTML>
<BODY>
<A HREF="NextPage.jsp">Continue</A>
</BODY>
</HTML>

code for NextPage.jsp

<HTML>
<BODY>
Hello, <%= session.getAttribute( "theName" ) %>
</BODY>
</HTML>


I have tried it in netscape as well .. if you don't allow cookies value is always null (exception internet explorer)

Thanks for your time and concern Colr__
0
 
LVL 8

Expert Comment

by:colr__
ID: 16658307
Very strange, I've never seen this before.

Can you confirm when using FF and netscape that the SaveName.jsp URL defenetaly has the value set in its URL? For example it should look like this:

SaveName.jsp?username=colr__

Im just wondering if the lack of quotation marks around the html input's are confusing FF and Netscape??

colr__
0
 

Author Comment

by:cool_baba
ID: 16658547
>>Im just wondering if the lack of quotation marks around the html input's are confusing FF and Netscape??
    I just didn't understand it. could you modify the code and write it here.

>>Can you confirm when using FF and netscape that the SaveName.jsp URL defenetaly has the value set in its URL? For example it should look like this:
>>SaveName.jsp?username=colr__

It doesn't show username in url ..
 
Syed
0
 

Author Comment

by:cool_baba
ID: 16658570
Opera doesn't support either ..
0
 
LVL 8

Expert Comment

by:colr__
ID: 16658592
ok, if it doesnt show the username in the url, then the username is not being passed correctly to SaveName.jsp in all but IE.

Try modifying your first html page this:

<HTML>
<BODY>
<FORM METHOD="POST" ACTION="SaveName.jsp">
What's your name? <INPUT TYPE="TEXT" NAME="username" SIZE=20>
<P><INPUT TYPE="SUBMIT">
</FORM>
</BODY>
</HTML>

colr__
0
 

Author Comment

by:cool_baba
ID: 16658640
still not working..
0
 
LVL 8

Expert Comment

by:colr__
ID: 16658694
Ive just realised, your using post,. so you wouldnt see the variabels in the URL of SaveName.jsp. Try changing the methof type to GET and see if the URL is showing the variables in erach of the browsers:

<FORM METHOD="GET" ACTION="SaveName.jsp">

should result in the URL:

SaveName.jsp?username=colr__

colr__
0
 

Author Comment

by:cool_baba
ID: 16658843
yes, variable value is transferred to second page. I mean using GET shows result as: SaveName.jsp?username=colr__

0
 
LVL 8

Expert Comment

by:colr__
ID: 16659023
One last test - change SaveName.jsp to the following

<HTML>
<BODY>
Hello, <%= session.getAttribute( "username" ) %>
</BODY>
</HTML>

Let me know if this wokr son all brosers. Im on a mission now...

colr__
0
 

Author Comment

by:cool_baba
ID: 16659111
Doesn't work for GET or POST. I don't thnk we can access GET or POST variables on page other than target page.
0
 
LVL 8

Expert Comment

by:colr__
ID: 16659140
Sorry, im an idiot, its suppoed to be this:

<HTML>
<BODY>
Hello, <%= request.getParameter( "username" ) %>
</BODY>
</HTML>

colr__
0
 

Author Comment

by:cool_baba
ID: 16659234
Yes it works .. So variables are accessable on second page.
it works for all browsers.
0
 

Author Comment

by:cool_baba
ID: 16662143
helloo Colr__ are u still working on your mission ?

0
 

Author Comment

by:cool_baba
ID: 16677694
Here is how i solved my problem..
 source : http://home.earthlink.net/~alxdark/software/wcd-guide/ch05s03.html

If the user has disabled cookies then session variables doesn't work as client browser doesn't allow to set cookie called SESSIONID, which carries the session id information for the server. To overcome this problem urlrewriting  is used  by every URL written out by a servlet or JSP page should be run through the

   public String HttpServletResponse.encodeURL( String url );
   public String HttpServletResponse.encodeRedirectURL( String url );

methods in the servlet API. first one (encodeURL) just attaches the sessionid with the url, second (encodeRedirectURL) rewrites url if cookies are disabled otherwise, sessionid cookie is stored on computer.

Code i posted above should be changed like this:

<HTML>
<BODY>
<FORM METHOD=POST ACTION="SaveName.jsp">
What's your name? <INPUT TYPE=TEXT NAME=username SIZE=20>
<P><INPUT TYPE=SUBMIT>
</FORM>
</BODY>
</HTML>

code for SaveName.jsp

<%
   String name = request.getParameter( "username" );
   session.setAttribute( "theName", name );
%>
<HTML>
<BODY>

<A HREF="<%= response.encodeRedirectURL("NextPage.jsp") %>">Continue</A>   //    CHANGE IN CODE
</BODY>
</HTML>

code for NextPage.jsp

<HTML>
<BODY>
Hello, <%= session.getAttribute( "theName" ) %>
</BODY>
</HTML>
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Choosing the right mix of apps is very much necessary for CPAs for making the most of the latest technology through which they can boost their growth.
How does storytelling impact the web? What goes into a great story on the web? And how can it be used for marketing purposes? All of these questions will be answered.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month14 days, 1 hour left to enroll

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question