On Mon, 29 Apr 2002, pixel wrote:

> Date: Mon, 29 Apr 2002 17:42:13 -0400
> From: pixel <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Cc: Tomcat Users List <[EMAIL PROTECTED]>,
>      "Struts Users (E-mail)" <[EMAIL PROTECTED]>
> Subject: Re: Off topic:cookies nightmare!!!!!!!!
>
> John,
>
> I had a similar problem, which seem to be resovled by explicitly setting
> the path of the cookie to "/" before adding it to the response.
>
>     Cookie userCookie = new Cookie("U_ID", userId);
>     userCookie.setMaxAge(946080000);
>     userCookie.setPath("/");
>     httpResp.addCookie(userCookie);
>
> After reading the Servlet docs, it seems the behaviour for setting a
> cookie without first setting it's path is undefinded. I've found that
> with Tomcat, new Cookies use the current URL of the request instead of
> the "/" when a path is not specified. I also believe there may have been
> a few bugs with previous versions of Tomcat and Cookies which have been
> resolved with newer versions.
>

Setting the cookie path to "/" will cause this cookie to be sent back to
*all* web applications on your server, not just yours.  It is safer to set
the cookie path to return just to your web application:

  userCookie.setPath(request.getContextPath());

> Hope this helps,
>
> ~Scott

Craig


--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

Reply via email to