I have an application which have a login filter, in which I am creating the cookie like below.
Cookie ck = new Cookie("testCookie","Value");
ck.setPath("/");
response.addCookie(ck);
And in the logout button I am removing the cookie like below.
Cookie ck = new Cookie("testCookie",null);
ck.setPath("/");
ck.setMaxAge(0);
response.addCookie(ck);
But when I try to login again the cookie is existing. I have followed the link
Please let me know how can i remove the cookie completely when i logout from the application.
http://tutorials.jenkov.com/java-servlets/cookies.html
hope it helps. try
Cookie ck = new Cookie("testCookie","");
instead of using null as value
The cookie was not getting deleted because I was using a response.sendRedirect before the response.addCookies.
Related
I am stuck in cookie clean up issue.
We have created cookie value with domain : .www.parent.com
And later we changed code base to create cookie values in domain : .parent.com
This is giving us cookie values from both the domains and messing up with our code. Is there a way to delete cookies from .www.parent.com via java code ?
I have already tries doing like this :
Cookie cookie = new Cookie("oldCookie" , null);
cookie.setMaxAge(0); or cookie.setMaxAge(-1);
cookie.setPath("/");
response.addCookie(cookie);
You might want to get all the cookies the client has stored and check them, using request.getCookies(), which returns a Cookie array.
In that way, you'll need to check anyone for the wanted domain and set its TTL with something like this:
Cookie[] c=request.getCookies();
for(int i=0;i<c.length;i++){
if(c[i].getDomain().equals(".www.parent.com")){
c[i].setMaxAge(0);
response.addCookie(c[i]);
}
}
This way, the cookie you're passing to the response should have exactly the same name, path and any other attribute except for maxAge value being 0.
I'm tryng to edit the value of an existing cookie, but in vain. I even tried deleting the cold cookie and creating a new one with new value but even that didnt work. Code snippet for editing a cookie:
Cookie modifyCookie= new Cookie(cookie.getName(), newValue)
modifyCookie.setMaxAge(30000)
modifyCookie.setPath("/")
response.addCookie(modifyCookie)
Deleting and creating a new one :
//Deleting the old one
Cookie oldCookie = new Cookie(cookie.getName(), null)
oldCookie.setMaxAge(0);
oldCookie.setPath("/")
response.addCookie(oldCookie);
//Creating a new one
Cookie newCookie = new Cookie(newCookieName, newValue
newCookie.setMaxAge(30000)
newCookie.setPath("/")
response.addCookie(newCookie)
Neither the existing cookie is getting changed nor the old one is getting deleted and new one is getting created
Can you please tell me what is missing?
#rukavitsya
Thanks for your inputs.Issue resolved.
The problem was I was adding cookie to response after the response was sent. Hence cookie was not getting reflected in subsequent requests.
I edited the existing cookie in foll way :
Cookie oldCookie = new Cookie(cookie.getName(), newValue)
oldCookie.setMaxAge(30000);
oldCookie.setPath("/")
oldCookie.setDomain("domain.com")
response.addCookie(oldCookie);
When i edited the cookie before sending the response, things worked as expected.
I am tying to create a cookie with path and domain values using a selenium cookie class constructor:
Cookie newCookie= new Cookie(name, value);
driver.manage().addCookie(newCookie);
I am able to get cookie with -
cookieSet=driver.manage().getCookies();
but when I am trying to do something like,
Cookie newCookie= new Cookie(name, value, domain, path, expiry);
driver.manage().addCookie(newCookie);
I am able to create cookie , I can see the cookie is added in Firefox cookies, but when I try to get cookie with -
cookieSet=driver.manage().getCookies();
it is not getting that particular cookie
Why so?
You can get cookie by it's name and then looking at it, you can check if your cookie is created or not -
driver.manage().getCookieNamed("cookieName");
This my code for setting new cookie
Cookie citizen = new Cookie("citizen",email);
citizen.setMaxAge(3600);
response.addCookie(citizen);
now i'm using this code for destroying the cookie
Cookie[] cookies = request.getCookies();
for(int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equals("citizen")) {
cookies[i].setMaxAge(0);
response.addCookie(cookies[i]);
}
}
But, i'm still getting cookie value. Help will be appreciated !!
below link might help you..
How can delete information from cookies?
Good Luck!!!
Let me know incase of any further queries...
I was having a problem similar to this, where the cookie retained the value even after setting max age to 0 and the value to "".
I used firefox to look at the cookie attributes to help debug. When logging in, the servlet called my cookie class to set the cookie, and the cookie path was "/javawork/". When logging out, the JSP page called the same cookie class to "delete" the cookie by setting the max age to 0. But the JSP page was in a sub folder in the web app, so the when I created a cookie of the same name with max age of 0, it created a new cookie with the path "/javawork/test_login/".
So that "new" cookie immediately expired, but the original one still existed. In my delete cookie function I needed to set the path of the "new" cookie to be "/javawork/", and when I set the max age to 0 and added it, it updated the original cookie and let me properly log out.
I hope that helps.
The option correct will be
Cookie cookie = new Cookie("citizen", "citizen");
cookie.setMaxAge(0);
cookie.setValue("");
response.addCookie(cookie);
if you try to get the cookie from request for next add it to response with setMaxAge(0), you could see that the cookie doesn't been removed.
Try to add this line:
cookies[i].setMaxAge(0);
//add this line
cookies[i].setPath("/");
response.addCookie(cookies[i]);
This works for me -
Cookie UIDCookie = new Cookie(COOKIE_KEY, "");
UIDCookie.setMaxAge(0);
UIDCookie.setPath("/");
response.addCookie(qptUIDCookie);
We can delete a cookie by setting max age as zero.
For example:
Cookie[] cookies = request.getCookies();
cookies[0].setMaxAge(0);
response.addCookie(cookies[0]);
Here we delete only the first cookie
I implemented "Remember me" functionality in my web app. I did this using a cookie that contains username/password encrypted using RSA.
I add the cookie when I login; if then I logout (without closing browser) the cookie is read ok and in the login page I see username/pass already typed.
But if I close the browser; or close tab and run the application again, when the cookies are read, the only cookie that is read is the JSESSIONID. the cookie with the credentials is not in the array returned by
((HttpServletRequest)facesContext.getExternalContext().getRequest()).getCookies();
even though I can see it in the browser. why is that?
This is the code that creates the cookie:
String credentials = username + "?" + password;
Cookie c = CookieHandler.getInstance().createCookie("vtcred", credentials, rememberMe);
FacesContext facesContext = FacesContext.getCurrentInstance();
((HttpServletResponse) facesContext.getExternalContext().getResponse()).addCookie(c);
and method createCookie:
public Cookie createCookie(String name, String value, boolean rememberMe) {
value = encript(value);
Cookie credCookie = new Cookie(name, value);
credCookie.setHttpOnly(true);
if(rememberMe) {
credCookie.setMaxAge(86400);
}
else {
credCookie.setMaxAge(0);
}
return credCookie;
}
Edit: I am setting the cookie's max age to one day; and in the browser I can see that the cookie expires tomorrow, so that's not the problem
Thanks in advance,
Damian
edit2: this is very odd, but it seems to be working now. I'll keep testing it and notify. Thanks.
I found why sometimes a cookie is not read. It has to do with the path attribute.
If anyone is having this issue, set the path of the cookie, like this:
Cookie c = new Cookie("name", "value");
cookie.setMaxAge(86400);
cookie.setPath("/");
Regards
You might want to set the cookie with an expiration date. If you dont , it will only last as long as the browser session.