Thanks for the reply.
I am unable to tell where the cookie is coming from, so instead I have
created a filter (declared in web.xml).
Inside the filter I get all the cookies in the incoming HttpServletRequest
object and where the getMaxAge() returns -1, I set it to 129600 (then call
addCookie on the HttpServletResponse object). However, when I look at the
expiry date in the browser, it's still in 2019.
I've included the filter code below.
Thanks,
Dave
public void doFilter(ServletRequest req, ServletResponse res, FilterChain
chain) throws IOException, ServletException
{
check();
m_Logger.debug("Calling doFilter on the CookieExpiryFilter");
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
Cookie[] lclC = request.getCookies();
for (int i = 0; i < lclC.length; i++)
{
m_Logger.debug("Found a cookie named " + lclC[i].getName() + " with
a maximum age of " + lclC[i].getMaxAge());
if (lclC[i].getMaxAge() == -1)
{
if (fc.getInitParameter("Max-Age") != null)
{
try
{
int lclMaxAge =
Integer.parseInt(fc.getInitParameter("Max-Age"));
m_Logger.debug("Setting cookie " + lclC[i].getName() + "
to have an age of " + lclMaxAge);
lclC[i].setMaxAge(lclMaxAge);
response.addCookie(lclC[i]);
}
catch (NumberFormatException e)
{
m_Logger.error("Cookie age is not a number (check
web.xml)", e);
}
}
}
}
chain.doFilter(req, res);
m_Logger.debug("Completed doFilter on the CookieExpiryFilter");
}
From: "David Rees" <[EMAIL PROTECTED]>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
To: "Tomcat Users List" <users@tomcat.apache.org>
Subject: Re: Cookie expiry date...
Date: Mon, 13 Nov 2006 15:44:57 -0800
On 11/13/06, Dave Roberts <[EMAIL PROTECTED]> wrote:
After an absurd amount of searching about, I have not been able to find a
single reference on how to ensure that the cookies set by Tomcat expire 3
months after they're created (they currently expire sometime in 2019).
What cookies are you talking about? Session cookies or cookies
explicitly set by the application?
I am aware of the session time out that can be set in web.xml...
<session-config>
<session-timeout>129600</session-timeout>
</session-config>
These control the life of sessions on the server, which means that the
longest it will keep track of an inactive session cookie is 129600
seconds. If the session remains active, it will keep the session alive
indefinitely. These session cookies will also disappear if the client
closes their browser.
...but this does not help.
Which implies that you may be talking about application created cookies?
-Dave
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Try the next generation of search with Windows Live Search today!
http://imagine-windowslive.com/minisites/searchlaunch/?locale=en-us&source=hmtagline
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
