Documentation Archive Developer
Search
Table of Contents Previous Section

Comparison of Storage Options

The following table summarizes the pros and cons of each of the state storage options. These options are discussed in more detail in the next section, "A Closer Look at Storage Strategies," but seeing an overall comparison might save you time in deciding which options to explore.
State in Server State in Page State in Cookies Custom Storage
Simplicity Simplest approach; WebObject's default. Relatively simple, but can involve design changes to application. Relatively simple. More complex.
Security Secure since state is on server and accessed by encrypted session IDs. Since data is passed to client, opens possibility that data could be modified by user. Since data is passed to client, opens possibility that data could be modified by user. If stored on server, can be as secure or more secure than state-in-server.
Scalability Can consume lots of memory. Also, can't use load balancing once state is established in a particular application instance. More scalable since any application instance can handle a request (because state is bundled with each request). Applications don't grow when new sessions are added. Not very scalable. Cookie specification limits capacity to 4K bytes per cookie, but some browsers have further limitations. Depends on design of storage. If file system or database used for storage, can scale to accommodate almost any need.
Reliability Least reliable, since if the server crashes, state is lost. More reliable, since a server crash doesn't affect state stored on client. More reliable, since a server crash doesn't affect state stored on client. Can be extremely reliable if state is stored in server file system or database.
Other Performance can suffer
if lots of data is passed back and forth between client and server. State can become out of sync, especially when using frames.
Client can refuse to accept cookies.

Table of Contents Next Section