J2EE - Interview Questions and Answers on Cookie

Q1.  What is a cookie ?

Ans. A cookie is a small piece of text stored on a user's computer by the browser for a specific domain. Commonly used for authentication, storing site preferences, and server session identification.

Q2.  what is the use of cookie and session ? and What is the difference between them ?

Ans. Cookie and Session are used to store the user information. Cookie stores user information on client side and Session does it on server side. Primarily, Cookies and Session are used for authentication, user preferences, and carrying information across multiple requests. Session is meant for the same purpose as the cookie does. Session does it on server side and Cookie does it on client side. One more thing that quite differentiates between Cookie and Session. Cookie is used only for storing the textual information. Session can be used to store both textual information and objects.

Q3.  Why using cookie to store session info is a better idea than just using session info in the request ?

Ans. Session info in the request can be intercepted and hence a vulnerability. Cookie can be read and write  by respective domain only and make sure that right session information is being passed by the client.