Server side cookies
Category show-n-tell thursday
Well, I guess it's that time again. I'd completely forgotten it was Thursday until I saw Ben's latest handy tip show up in my Live Bookmarks. Yes, I agree that it's weird that I can't keep track of what day it is. Oh well. On to the tippage.
Cookies have a bad reputation these days. They were a good idea once upon a time, but they've since been so abused that most people now just lump them in with spyware even though certain cookies are still totally benign. Say, for instance, session authentication in Domino. We like that cookie. But Domino also gives us an easy way of simulating cookies from the server side via the oft-forgotten profile document.
Formula, LotusScript, and Java all support inclusion of a unique key when accessing or setting profile document values, so by passing in the user name as the unique key, you can store and retrieve each user's preferences and/or history. Just remember that any web agents using this approach must be set to run as the web user, unless you have some other handle on who the user is at the time. This ends up being a heck of a lot easier than having to pass a bunch of query string parameters in every URL. It also ensures that a user's preferences travel with them, whereas the use of true cookies requires them to set them anew each time they access the site from a different computer.
Sadly, this is all based on the assumption that your users are authenticated... this can still be done for anonymous users by generating unique session ID's, but most of the benefits are fleeting.
Technorati tag: Show-n-tell thursday
Well, I guess it's that time again. I'd completely forgotten it was Thursday until I saw Ben's latest handy tip show up in my Live Bookmarks. Yes, I agree that it's weird that I can't keep track of what day it is. Oh well. On to the tippage.
Cookies have a bad reputation these days. They were a good idea once upon a time, but they've since been so abused that most people now just lump them in with spyware even though certain cookies are still totally benign. Say, for instance, session authentication in Domino. We like that cookie. But Domino also gives us an easy way of simulating cookies from the server side via the oft-forgotten profile document.
Formula, LotusScript, and Java all support inclusion of a unique key when accessing or setting profile document values, so by passing in the user name as the unique key, you can store and retrieve each user's preferences and/or history. Just remember that any web agents using this approach must be set to run as the web user, unless you have some other handle on who the user is at the time. This ends up being a heck of a lot easier than having to pass a bunch of query string parameters in every URL. It also ensures that a user's preferences travel with them, whereas the use of true cookies requires them to set them anew each time they access the site from a different computer.
Sadly, this is all based on the assumption that your users are authenticated... this can still be done for anonymous users by generating unique session ID's, but most of the benefits are fleeting.
Technorati tag: Show-n-tell thursday
Comments
I'm using the McAfee software that comes with Comcast and one of the options, as part of virus scan, firewall and spamkiller is the option to allow or disallow cookies. I only allow cookies for websites that I know and trust. whenever the option to allow or disallow cookies comes up for sites that I'm not visiting or don't fully trust, i.e. ones that have "ad" in them or are just IP addresses or just ones that have nothing to do with the site I'm on, I always disallow those.
Posted by Mike Koenig At 23:25:46 On 05/13/2006 | - Website - |