1

I am using cookie to avoid havind SID (session id). I try to set the cookie using the following method and retrieve it in my jsp file as shown blew, but it does not work. it just shows HelloSESSIONID.

Java 

public class Users {

 public void setcookie(){
      Cookie user = new Cookie("User","Miro");
      user.setMaxAge(60*60);
 }

Jsp 

<%@ page language="java"%>
<% Cookie cookies[] = request.getCookies(); 

           for (int i=0; i<cookies.length; i++) 
       {

        out.println("Hello"+cookies[i].getName()+ "> ");
       }
            %>
  • 1
    possible duplicate of [Using cookies with Struts 2 and Struts](http://stackoverflow.com/questions/3350554/using-cookies-with-struts-2-and-struts) – Luiggi Mendoza Jul 18 '13 at 04:19

3 Answers3

2
Cookie user = new Cookie("User","Miro");
user.setMaxAge(60*60);

You have to send the cookie, too:

response.addCookie(user);
Thilo
  • 257,207
  • 101
  • 511
  • 656
  • 1
    But you do know that the user can see and update the contents of his cookies at will? Fine for screen names, not so good for security-relevant things. – Thilo Jul 18 '13 at 04:05
  • I have two questions first is how to create that response object ? do you know of any alternative for security-relevant cases? –  Jul 18 '13 at 04:07
  • You don't "create" the response object, the servlet container gives it to you. The usual alternative for security-relevant data is server-side session storage (which you don't seem to like for some reason). – Thilo Jul 18 '13 at 04:08
  • @MirMoorido there's a `HttpServletResponse response` parameter in your `doGet` and your `doPost` methods of your servlet. – Luiggi Mendoza Jul 18 '13 at 04:10
  • @LuiggiMendoza I am using strust2 and need to implement these in action class would yhou give me an example for that? –  Jul 18 '13 at 04:12
  • 1
    @MirMoorido then use the proper tags for your question and provide the real code you're working with, we can't just guess your exact problem. – Luiggi Mendoza Jul 18 '13 at 04:14
2

Here is an example to use cookies with Struts 2.

public class MyAction extends ActionSupport implements ServletResponseAware, ServletRequestAware {

      public int division;

      public String execute() {

        // Load from cookie
        for(Cookie c : servletRequest.getCookies()) {
          if (c.getName().equals("cookieDivision"))
            division=Integer.parseInt(c.getValue());
        }

        // Save to cookie
        Cookie div = new Cookie("cookieDivision", String.format("%d",division));
        div.setMaxAge(60*60*24*365); // Make the cookie last a year
        servletResponse.addCookie(div);

        return "success";
      }

      // For access to the raw servlet request / response, eg for cookies
      protected HttpServletResponse servletResponse;
      @Override
      public void setServletResponse(HttpServletResponse servletResponse) {
        this.servletResponse = servletResponse;
      }

      protected HttpServletRequest servletRequest;
      @Override
      public void setServletRequest(HttpServletRequest servletRequest) {
        this.servletRequest = servletRequest;
      }
    }
Ankur Lathi
  • 7,636
  • 5
  • 37
  • 49
0

You need to define a path for your cookies. For example to make it accessible in all pages of your application use the following 

 user.setPath("/");
 or
 user.setDomain("example.com");
J888
  • 1,944
  • 8
  • 42
  • 76