A fourth technique to perform session tracking involves persistent cookies. A cookie is a bit of information sent by a web server to a browser that can later be read back from that browser. When a browser receives a cookie, it saves the cookie and thereafter sends the cookie back to the server each time it accesses a page on that server, subject to certain rules. Because a cookie’s value can uniquely identify a client, cookies are often used for session tracking.
Cookies were first introduced in Netscape Navigator. Although they were not part of the official HTTP specification, cookies quickly became a de facto standard supported in all the popular browsers including Netscape 0.94 Beta and up and Microsoft Internet Explorer 2 and up. Currently the HTTP Working Group of the Internet Engineering Task Force (IETF) is in the process of making cookies an official standard as written in RFC 2109. For more information on cookies see Netscape’s Cookie Specification at http://home.netscape.com/newsref/std/cookie_spec.html and RFC 2109 at http://www.ietf.org/rfc/rfc2109.txt . Another good site is http://www.cookiecentral.com .
Version 2.0 of the Servlet API provides the
class for working with cookies. The
HTTP header details for the cookies are handled by the Servlet API.
You create a cookie with the
public Cookie(String name, String value)
This creates a new cookie with an initial name and value. ...