A comparison of cookies and sessions based on Java _java

Comparison of Cookie and session

First, for cookies:

①cookie is created on the server side

②cookie saved in Browser end

The ③cookie lifecycle can be set by Cookie.setmaxage (2000), and if no setmaxage is set,

The lifetime of the cookie dies when the browser closes

④cookie can be shared by multiple browsers of the same type to think of cookies as a table

Comparison:

Location of ①:

Cookies exist in the client, temporary folder

Session: exists in the server's memory, a session domain object for a user browser service

② Security

Cookies are stored in plaintext in the client, security is low, can be encrypted by a cryptographic algorithm to store

Session is stored in the server's memory, so security is good

③ Network Transmission Volume

Cookies will pass messages to the server

Session itself is stored on the server and there is no traffic

④ lifecycle (take 20 minutes as an example)

(1) The life cycle of the cookie is cumulative, starting at the time of creation, the timer is 20 minutes later, the cookie lifecycle is over,

(2) The life cycle of the session is the interval, from the time of creation, start the timing, such as in 20 minutes, no access session, then the session lifecycle is destroyed

However, if the session is accessed within 20 minutes (for example, at 19 minutes), the session life cycle is recalculated

(3) The closing opportunity causes the session life cycle to end, but has no effect on the cookie

⑤ Access Scope

Session is exclusive to a user's browser

Cookies are shared by multiple user browsers

The method that causes the session to fail:

1. Turn off Tomcat

2.reload Web Applications

3.session Time to

4 Invalidate session

This is based on the Java cookie and session of the comparison is small series to share all the content, hope to give you a reference, but also hope that we support the cloud habitat community.