Re: Removing or deleting cookies

Fri, 13 Oct 2000 05:50:42 -0700 

Jon,

Taken from the cookie spec
(http://home.netscape.com/newsref/std/cookie_spec.html):

"If a CGI script wishes to delete a cookie, it can do so by returning a cookie
with the same name, and an expires time which is in the past. The path and name
must match exactly in order for the expiring cookie to replace the valid
cookie. This requirement makes it difficult for anyone but the originator of a
cookie to delete a cookie."

cheers,

-hendrik

- - - - - - - - - - - - - - - - - - - - - - - - - - -
  tagtraum industries      http://www.tagtraum.com/
  jo!                 small&smart 2.2 servletengine
  Java Server & Servlets   The web-application book
  The WebApp Framework        http://www.webapp.de/


Jon Barber wrote:

> Dear all,
>
> I have a generic web programming question about the use of cookies for
> user authentication.
>
> For various reasons I want to use something like mod_auth_mda
> (http://www.frogdot.de/mod_auth_mda/) for user authentication with
> apache.  Briefly, this sets a cookie in the browser once a user has been
> validated and subsequent requests to restricted areas are granted or
> not on the basis of the cookie.
>
> I have this working with a servlet generating the necessary cookie and
> storing it in the browser.  However, I can't work out how to explicitly
> log the user out, i.e., how do I remove the cookie ?  This is the only
> way I can see to log the user out, as an external module actually
> processes the future requests; my servlet only handles the login.
>
> All suggestions gratefully received.
>
> Jon.
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to