7

I have a filter class with doFilter method. In the doFilter method, I am setting a cookie as follows

HttpServletResponse httpResp=(HttpServletResponse)servletResponse;
Cookie myCookie=new Cookie("test","");
myCookie.setValue("testValue");
myCookie.setPath("/");
myCookie.setDomain(".mydomain.com");
httpResp.addCookie(myCookie);
filterChain.doFilter(servletRequest,servletResponse);

Should this ideally work? Setting a cookie in httpResp(HttpServletResponse) object and then just forwarding servletResponse(ServletResponse) object

Strangely the cookie is set for some clients but for some others the cookie is not set. I have checked the cookie settings on client's browser and it looks ok.

BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
Sanjay
  • 103
  • 1
  • 2
  • 5
  • 1
    The code looks fine. The problem is caused elsewhere. E.g. `response.reset()` further down in the chain would clear all headers (and thus also all cookies which are set before). Run a debugger to naildown the cause. At least, this question can't be reliably answered without having an SSCCE at hands. – BalusC Jan 28 '13 at 16:08
  • There are no other filters. The chain ends at a servlet which simply forwards the same request and response to a JSP. So it is something like this. doFilter->Servlet->forward to JSP. Any possibility of headers getting lost?? – Sanjay Jan 28 '13 at 18:24
  • Well, as said, the problem is not visible in the code posted so far. It's caused elsewhere. E.g. a response reset, a wrong domain in the URL, incompatible cookie value, scheme change, poor proxy, etc...etc... There are too many possible causes so that answering is impossible without having an SSCCE at hands. – BalusC Jan 28 '13 at 18:25

2 Answers2

-1

You can use the HttpServletResponseWrapper to enable the filter to control the response over down stream filters or servlets are

https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletResponseWrapper.html

Here is a pretty good explanation of the wrapper: https://stackoverflow.com/a/7047298/1676293

Scott Boring
  • 2,601
  • 1
  • 25
  • 31
-3

This will work except you need to refactor the code to:

filterChain.doFilter(servletRequest,servletResponse);

HttpServletResponse httpResp=(HttpServletResponse)servletResponse; 

Cookie myCookie=new Cookie("test","");
myCookie.setValue("testValue");
myCookie.setPath("/");
myCookie.setDomain(".mydomain.com");
httpResp.addCookie(myCookie);

Add the cookie after the filterChain call so that another filter/servlet cannot do something that conflicts.

Καrτhικ
  • 3,833
  • 2
  • 29
  • 42
  • 2
    Bad advice. The chance is very big that the response is committed at that point (which usually happens automatically when written content is more than 2KB, depending on server config). You need to set response headers *before* the response is committed. – BalusC Jan 28 '13 at 16:34
  • I disagree. I think it is contextual. Your point is valid but depends on the app. My point is valid and depends on the app. – Καrτhικ Jan 28 '13 at 16:44
  • Your answer didn't cover that you need to hack/change the webapp's config/code to make the response buffer size infinite and never flush until all filters are finished. Even then, it would still have been a bad advice. You should answer solutions, not workarounds/hacks. – BalusC Jan 28 '13 at 16:45
  • 1
    Bad advice. Setting cookies after doFilter is not working. – Eugene Retunsky Apr 30 '16 at 01:02