The difference between session cookie application

Method	Information size	Save time	Application scope	Save location
Application	Any size	Lifetime of the entire application	All Users	Server-side
Session	Small, simple data	User activity time + a delay time (general is 20 minutes)	Individual users	Server-side
Cookies	Small, simple data	Can be set as required	Individual users	Client

1.Application objects
Application is used to hold public data information for all users, and if you use application objects, one of the issues to consider is that any write operations are in the Application_OnStart event (Global.asax) is completed. Although the Application.Lock and Applicaiton.unlock methods are used to avoid synchronization of the write operation, it has serialized the request for the Application object. Serious performance bottlenecks occur when the site is heavily visited. It is therefore best not to save large data collections with this object

2.Session objects
Session is used to save private information for each user. Her lifetime is the user's persistent request time plus a period of time (typically 20 minutes or so). The information in the session is saved in the Web server content, and the amount of data saved can be large or small. The saved data information is automatically freed when the session expires or is closed. Because the user stops using the application, it remains in memory for a period of time, Therefore, using the session object makes it very inefficient to save user data. For small amounts of data, it is a good idea to use session objects to save. The code for saving information using the Session object is as follows:

// store information
session["username"]="Zhouhuan ";
// read Data
string UserName=session["UserName" ]. ToString ();

3.Cookie objects
Cookies are used to store request information from a client's browser requesting a server page, and the programmer can use it to store non-sensitive user information, which can be set as needed. If the cookie expiration date is not set, They are only saved until the browser program is closed. If you set the Expires property of a cookie object to MinValue, the cookie will never expire. Cookies are limited in the amount of data stored, and most browsers support a maximum capacity of 4096. So don't use it to save datasets and lots of other data. Because not all browsers support cookies, and the data information is stored in clear text in the client computer, it is best not to save sensitive, unencrypted data, Doing so will affect the security of your site. The code saved with the cookie object is as follows:

// store information
response.cookies["UserID"]. Value="0001" ;
// read information
string userid=response.cookies["UserID"] . Value;

Summarize:

1, the session is saved in the server, the client does not know the information; the cookie is stored on the client and the server is able to know the information. Cookies have a capacity limit and the session is not too restrictive.
2. The object is saved in the session, and a string is saved in the cookie.
3, the session can not distinguish between the path, the same user during a visit to a website, all sessions in any place can be accessed. In the cookie, if the path parameter is set, the cookies under different paths in the same Web site are inaccessible to each other.
4. The session needs a cookie to work properly. If the client completely prohibits cookie,session, it will fail.

5 session After the end of user sessions will be closed, but the cookie is saved in the client, can be stored for a long time, the session with a key value pair, that is, the ID of the client, and the value on the server side, is the user ID to find the corresponding value on the server, this way value placed on the server side , there is a time limit, and the server automatically releases the time.

application: corresponds to a Web application where all servlet/jsp in the application share the information in the application (ServletContext)

The difference between session cookie application