Java - How do cookies work?
Tue, 04/30/2013 - 20:42 | 
adminCookies are the way a server save information on a client disk that may be used the next time you connect to the same website, in order to personalize the service.
This is an HTTP header from the server, used to save a cookie:
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2012 20:00:12 GMT
Server: Apache/1.3.12 (Unix) Debian/GNU mod_perl/1.24
Set-Cookie: name=myusername; expires=Friday, 05-Mar-08 20:00:00 GMT;
path=/; domain=javaprogrammers.com
Connection: Keep-Alive
Content-Type: text/html
This is the HTTP header from the client, the second time it connects to the same website:
GET / HTTP/1.0
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png
Host: javaprogrammers.com
Cookie: name=myusername
There are many ways to create/read/delete cookies, but it's not a good practice to create or delete a cookie inside a JSP. It's better instead to separate the logic from the view, so to have:
Servlet (logic): creation
Servlet (logic): deletion
Jsp (view): read
There is a second reason for this approach. It isn't even possible to create or delete cookies using JSTL or custom tags, because at the time the body response is being generated, the HTTP header is already processed. And it's not a good practice to write scriptlet code.
Here's a simple example to show the three main operations (create, read and delete).
Servlet code:
package org.davis.server;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* This servlet show how to create and delete cookies
* @author fiored
*/
@WebServlet("/doCookie")
public class CookieExample extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* <p>Accept a GET request and dispatch it to a JSP</p>
* @param request - Http request
* @param response - Http response
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if ("create".equals(request.getParameter("action"))) {
// Create a new cookie
Cookie newCookie = new Cookie(request.getParameter("name"),
request.getParameter("value"));
// set the expiration date
newCookie.setMaxAge(60*60*24);
// Add the cookie to the response
response.addCookie(newCookie);
} else if ("delete".equals(request.getParameter("action"))) {
// Get the name of the cookie to delete
String cookieName = request.getParameter("name");
// Get the list of all the cookies
Cookie[] cookieList = request.getCookies();
if (cookieList != null) {
for (int i = 0; i < cookieList.length; i++ ) {
if (cookieList[i].getName().equals(cookieName)) {
// Delete the cookie
cookieList[i].setMaxAge(0);
response.addCookie(cookieList[i]);
}
}
}
}
// Dispatch the request to the view
RequestDispatcher dispatcher = request.getRequestDispatcher("cookie.jsp");
dispatcher.forward(request, response);
}
}
Jsp code:
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01
Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Cookie example</title>
</head>
<body>
<p>List of the cookies:</p>
<c:forEach items="${cookie}" var="currCookie">
<p>
Cookie Name = ${currCookie.value.name} <br />
Cookie Value = ${currCookie.value.value}
</p>
</c:forEach>
</body>
</html>
You can create a cookie in that way
http://localhost:8080/CookieApp/doCookie?action=create&name=country&valu...
You can delete a cookie in that way
http://localhost:8080/CookieApp/doCookie?action=delete&name=country
You can read the cookies in that way