Skip to Main Content
Forums

Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Tomcat Session Management

843841Mar 10 2005 — edited Dec 29 2005
Hello.

I have a question about how Tomcat performs session managment that I can't quite seem to find an answer for.

When you put data into a session, such as a logonid, is the session data sent back to the client and stored in the cookie, or is it kept on the server side (in memory?) and accessed via the sessionid when the user returns? If you use WebScarab or achilles to watch the traffic, it doesn't appear that the data goes back to the client. (Which is a good thing for security). Just wanted to confirm that.

Thanks very much.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jan 26 2006
Added on Mar 10 2005
#java-servlet
9 comments
724 views