Should session cookie be kept in shared preferences?

The Volley networking library (Google IO 2013), does not support cookies out of the box. This may be true of other android networking libraries as well. hopefully it will be added soon, since many rest services do require cookies. Therefore the session cookie needs to be maintained somewhere, so my question is if you have to keep the cookie somewhere in the android client where should it be?

1) inside SharedPreferences? 2) inside a static member variable of some class like the application class? 3) none of the above.

What are advantages of putting cookie in SharedPreferences over static member variable. Also is there any need to implement timeout of a cookie?

Now normally this is a function of the Http stack to handle this. However volley switches dynamically between HttpClient and HttpConnectionURL depending on the version of Android. So I'm not sure if both of these clients can be setup to always return the cookie?

Thanks


The biggest difference between SharedPreferences and a static member is that the SharedPref will survive multiple sessions. That is, the static member will always be reset to null when your app leaves memory, which it can do whenever it isn't the forefront app. The SharedPref's are reasonably protected (don't use MODE_WORLD_READABLE!), so it's not a bad idea to keep them there.

Concerning timeouts, you can always try the connection with the saved cookie, and then get a new one (by logging in again) whenever you encounter the timeout error response from the server.

链接地址: http://www.djcxy.com/p/87918.html

上一篇: 在Android中通过http调用维护会话

下一篇: 会话cookie应该保存在共享偏好中吗?