how can i do sessions in java if some one disables cookies in my browser?

Question

I like to know if someone disables the cookies in my browser then cookies dont work for my browser then how can I do sessions in java. I am writing servlets for server side

Answer 1

The other answers are great; I don't need to repeat that. But I do have some additional comments.

Please don't put session data (the entire session) in a cookie, but only a session id, possibly hashed. It's way too easy for people to edit the contents of a cookie. Leave the session data on the server; possibly in a database if you have lots of concurrent users or sessions live very long.

If even the session id itself is very precious you could even put it in a POST parameter, thereby preventing that it occurs in the URL itself.