| |

VerySource

 Forgot password?
 Register
Search
View: 1801|Reply: 12

Authentication session vs cookies

[Copy link]

2

Threads

17

Posts

11.00

Credits

Newbie

Rank: 1

Credits
11.00

 China

Post time: 2020-1-23 20:40:01
| Show all posts |Read mode
Authentication session and cookie, what are the advantages and disadvantages of each, which website is suitable for each?

Brother new, not too clear, do you have any prawns?
Reply

Use magic Report

0

Threads

6

Posts

4.00

Credits

Newbie

Rank: 1

Credits
4.00

 China

Post time: 2020-2-7 23:45:02
| Show all posts
For high security requirements, use session
Reply

Use magic Report

0

Threads

10

Posts

4.00

Credits

Newbie

Rank: 1

Credits
4.00

 China

Post time: 2020-2-8 00:15:01
| Show all posts
Cookies are troublesome if the client is disabled. And the client is not very secure.
Sessions burden the server. But I always use session
Reply

Use magic Report

0

Threads

2

Posts

3.00

Credits

Newbie

Rank: 1

Credits
3.00

 China

Post time: 2020-2-8 09:30:01
| Show all posts
Same as upstairs
Reply

Use magic Report

2

Threads

17

Posts

11.00

Credits

Newbie

Rank: 1

Credits
11.00

 China

 Author| Post time: 2020-2-14 20:30:01
| Show all posts
Hehe, I know, is there anything else that is particularly different?
Reply

Use magic Report

0

Threads

2

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China

Post time: 2020-2-15 09:15:01
| Show all posts
Session is a server-side storage space maintained by the application server. When users connect to the server, the server will generate a unique SessionID, and use the SessionID as an identifier to access the server-side session storage space. The SessionID data is saved to the client and saved with cookies. When a user submits a page, the SessionID is submitted to the server to access the Session data. This process requires no developer intervention. So once the client disables cookies, the session will also fail.

The server can also pass the value of SessionID through URL rewriting, so it does not rely entirely on cookies. If client-side cookies are disabled, the server can automatically save the session value by rewriting the URL, and this process is transparent to the programmer.

You can try it, even if you do n’t write cookies, you are using request.getCookies (); the length of the cookie array is 1, and the name of this cookie is JSESSIONID, and there is a long binary string, which is the value of SessionID.

Cookies are the storage space of the client and are maintained by the browser.
Go from http://www.ideagrace.com/club/read.php?tid=597
Reply

Use magic Report

1

Threads

7

Posts

6.00

Credits

Newbie

Rank: 1

Credits
6.00

 Canada

Post time: 2020-2-15 14:45:02
| Show all posts
I now use FORM authentication, and I prefer this. The expiration of Session is not suitable for what I use now.
Reply

Use magic Report

0

Threads

2

Posts

3.00

Credits

Newbie

Rank: 1

Credits
3.00

 China

Post time: 2020-2-16 14:30:01
| Show all posts
Each has its own advantages! However, I feel that it is not as good as FORM certification.
Reply

Use magic Report

2

Threads

17

Posts

11.00

Credits

Newbie

Rank: 1

Credits
11.00

 China

 Author| Post time: 2020-7-6 10:30:02
| Show all posts
Thank you. . . . . .
Reply

Use magic Report

0

Threads

18

Posts

15.00

Credits

Newbie

Rank: 1

Credits
15.00

 China

Post time: 2020-7-6 11:30:01
| Show all posts
Session expiration is very troublesome, it is better to use form authentication
Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

Contact us|Archive|Mobile|CopyRight © 2008-2023|verysource.com ( 京ICP备17048824号-1 )

Quick Reply To Top Return to the list