Programmer's Guide Previous Up One Level Next
Servlet Programming Techniques


Working with cookies

Cookies are a general mechanism used by server-side applications to store information in individual browsers. Cookies stored in a browser can be retrieved by the server-side application. With cookies, your web application can create variables specifically for each individual browser. Such variables might include a user name or the last-accessed date.

If you enable session tracking with cookies, JRun creates a session-tracking cookie named JSESSIONID. You can change the name of the session-tracking cookie in the cookie-config section of the jrun-web.xml file. For more information, see "Configuring sessions in the jrun-web.xml file".

Defining the lifespan of cookies

Cookies provide a session persistence mechanism that you can use to compensate for the HTTP protocol's stateless nature. A cookie can be temporary or permanent:

The maximum age of a cookie indicates to the browser how long the cookie is valid. The value is stored in the cookie. You define this setting in the jrun-web.xml file as cookie-max-age. On the browser side, once the cookie-max-age reaches the end of its lifespan, the browser deletes the cookie file. For more information, see "Configuring sessions in the jrun-web.xml file".

The session time-out of a cookie indicates how long JRun maintains the cookie in the server's memory while the session is inactive. Once the session reaches its session time-out, JRun destroys the session object on the server side, as described in "Changing session time-out".

Creating cookies

This section describes how to explicitly create a cookie. If you are using cookies for session persistence, then JRun implicitly creates a cookie when you call the getSession method.

To create a cookie:

  1. Establish the value to be saved in the cookie, as the following lines show:
    Date dt = new Date();
String todayString = dt.toString();
  2. Create a new Cookie object, as the following lines show:
    // Create the cookie instance
// This example saves the current date and time.
Cookie lastVisit = new Cookie("lastVisit", todayString);
  3. Set a time-out for the cookie, in seconds, as the following line shows:
    lastVisit.setMaxAge(60*60*24*365); //do not destroy this cookie for a year
  4. Send the cookie back to the browser by associating the Cookie object with the servlet response object, as the following line shows:
    resp.addCookie(lastVisit);

Accessing cookies

This section describes how to explicitly access the values stored by a cookie. If you are using cookies for session persistence, then JRun provides convenience methods for accessing session values.

To access cookies:

  1. Access cookies through the HttpServletRequest object's getCookies method, as the following line shows:
    Cookie[] myCookies = req.getCookies();
  2. Use the Cookie object's getName and getValue methods to access cookies and their values. The following example displays cookie names and their associated values:
    for(int i=0; i<myCookies.length; i++) {
��out.println("Cookie name: " + myCookies[i].getName());
��out.println(" Value: " + myCookies[i].getValue() + "<br>");
}

Alternatives to cookies

While cookies are by far the most common mechanism used for state management and are currently supported by all major commercial browsers, the support varies, and clients can use browser settings to disable cookie support.

For more information on sessions, see "Working with sessions".

You can use the following alternative mechanisms for maintaining state with sessions:

Previous Up Next

 

Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/jrun/4/Programmers_Guide/techniques_servlet18.htm