Thursday, April 19, 2001 10:27 AM
Cookies are basically for tracking the user session.
With Cookies you can only store very less data in client's machine.
HttpSession is also used for tracking the user session, but huge data can be stored on the server side for each user. If data is to be shared across servlets, then HttpSession can be used apart from ServletContext.
If Cookies are disabled in the client's machine(browser) then both cannot be used. HttpSession also indirectly lies on Cookies. When cookies are disabled then user session can be tracked through UrlRewriting techniques.