Configuring Cookie based session tracking

If you decide to use Cookies for session tracking then you can configure that behavior by clicking on Enable cookies hot link, you will get a screen like this




  1. Cookie Name: As per Servlet specification 2.4 the cookie name should be JSESSIONID. But you can change the cookie name


  2. Restrict cookies to HTTP Session: Enabling this feature restricts the exchange of cookies only to HTTPS sessions.


  3. Cookie maximum age: The amount of time that the cookie will live in the client browser. There are two choices:

    • Expire at the end of the current browser session

    • Expire at a configurable maximum age

    • If you choose the maximum age option, specify the age in seconds.




In addition to that there are two more properties that you can configure Cookie Domain and Cookie Path, Before we talk about that we will have to cover how the cookies work, When user makes a request to the server for the first time, server will generate a HTTP Session and return that cookie to the browser. After that whenever browser is making request to server it includes that cookie in header so that server can find out the user based on that cookie. The way cookies work in browsers is that you can limit the requests to which browser will forward the cookie Ex. lets say your environment you have public.webspherenotes.com and private.webspherenotes.com, and you configured your cookie domain to private.webspherenotes.com. Now if you go to webspherenotes.com server will generate cookie and send it to browser. Now if your browser is sending next request to webspherenotes.com it will check the domain of request if it is public.webspherenotes.com it wont include the cookie and that way server wont have any way of knowing that this request is coming from user1.

Same thing applies to cookie path, you can configure the path to say to say dynamic so that browser will include cookie when making request to www.webspherenotes.com/dynamic but not when you make request to www.webspherenotes.com/images or www.webspherenotes.com/js

3 comments:

srjwebsolutions said...

We are leading responsive website designing and development company in Noida.
We are offering mobile friendly responsive website designing, website development, e-commerce website, seo service and sem services in Noida.

Responsive Website Designing Company in Noida
Website Designing Company in Noida
SEO Services in Noida
SMO Services in Noida

EG MEDI said...

Egmedi.com is online medical store pharmacy in laxmi nagar Delhi. You can Order prescription/OTC medicines online.
Cash on Delivery available. Free Home Delivery


Online Pharmacy in Delhi
Buy Online medicine in Delhi
Online Pharmacy in laxmi nagar
Buy Online medicine in laxmi nagar
Onine Medical Store in Delhi
Online Medical store in laxmi nagar
Online medicine store in delhi
online medicine store in laxmi nagar
Purchase Medicine Online
Online Pharmacy India
Online Medical Store

Vikas Chaudhary said...


BatteryMantra is authorized exide battery dealer in Noida.
We also provide car battery, ups battery and invertor battery all major brands like luminous, exide, etc. Buy Battery Online for best battery.
http://www.batterymantra.com