how is it better to save user data in sessons or cookies? [modified]
-
hi.. how is it better to save user data like user name,email,etc in sessons or cookies?comparing both security and performance issues. generally is it ok to store the data which is used in all pages at session variables and remaining data in cookies or how to decide about it. suggestions or on Any link which helps me to decide about this is also welcom thnks for help in advance -- modified at 6:44 Wednesday 21st February, 2007
Rama Charan Prasad "Be happy and Keep smiling.Thats what u want be always..:)"
-
hi.. how is it better to save user data like user name,email,etc in sessons or cookies?comparing both security and performance issues. generally is it ok to store the data which is used in all pages at session variables and remaining data in cookies or how to decide about it. suggestions or on Any link which helps me to decide about this is also welcom thnks for help in advance -- modified at 6:44 Wednesday 21st February, 2007
Rama Charan Prasad "Be happy and Keep smiling.Thats what u want be always..:)"
Cookies are not secure, generally speaking session variables are. If you have sensetive data to be stored use the session, and make sure the session data is stored server-side. Using cookies will reduce the memory footprint of your application on the server, but will add more data for the user to download. Its a tough question if you have large amounts of data to store - who takes the hit, user or server? I'd normally opt for the server (sessions), its easy to throw RAM at a machine, not as easy to extend users patience while a page downloads.
-
Cookies are not secure, generally speaking session variables are. If you have sensetive data to be stored use the session, and make sure the session data is stored server-side. Using cookies will reduce the memory footprint of your application on the server, but will add more data for the user to download. Its a tough question if you have large amounts of data to store - who takes the hit, user or server? I'd normally opt for the server (sessions), its easy to throw RAM at a machine, not as easy to extend users patience while a page downloads.
hi.. thanks for the suggestion... if you know any links for also pls suggest . can anyone explain in detail ... thnks in advance -- modified at 9:46 Wednesday 21st February, 2007
Rama Charan Prasad "Be happy and Keep smiling.Thats what u want be always..:)"
-
hi.. thanks for the suggestion... if you know any links for also pls suggest . can anyone explain in detail ... thnks in advance -- modified at 9:46 Wednesday 21st February, 2007
Rama Charan Prasad "Be happy and Keep smiling.Thats what u want be always..:)"
I will try to explain you in more details. Session Vs Cookies 1) Session objects are stored in server memory e.g IIS memory on the other hand cookies stored at client machine. 2) Now when it is stored at client machine then we can have some concerns like security, cookieless browser, user delete the cookies etc... 3) Issues with Session is, if your server goes down then you loose the session value if you are using inproc session mgt. 4) Session can not be used in case of web farming (Load balancing) SO now it is upto you as application arch, where you want to store....And if you need more information then google it...Session Vs Cookies.... Thanks Amit
-
I will try to explain you in more details. Session Vs Cookies 1) Session objects are stored in server memory e.g IIS memory on the other hand cookies stored at client machine. 2) Now when it is stored at client machine then we can have some concerns like security, cookieless browser, user delete the cookies etc... 3) Issues with Session is, if your server goes down then you loose the session value if you are using inproc session mgt. 4) Session can not be used in case of web farming (Load balancing) SO now it is upto you as application arch, where you want to store....And if you need more information then google it...Session Vs Cookies.... Thanks Amit
thanks for reply ...its very clear its new thing i learnt that " session cannot be used in webfarming "<--can i know why? then only way to solve the issue then is to use cookies? i want to make my question once again clear that i am asking when to use what , may be some realtime scenarios if possible or what tradeoff or tips we can use for making a balanced application .maybe like what data can be used for sessions data and what data can be used for storing in cookies? anyone more who want to share your views more about when to use cookies and when to use sessions are please welcome to write it down here...... thnks for your effort and time in advance
Rama Charan Prasad "Be happy and Keep smiling.Thats what u want be always..:)"