I read somewhere:
A zero value indicates that the cookies are temporary and will be destroyed once the client closes the browser.
But for example in shopping project,user does not want to close the browser and he log out and login again,and I think with setMaxAge(0) the cookies for previous user exist too.
public void setMaxAge(int expiry)
Sets the maximum age of the cookie in seconds.
A positive value indicates that the cookie will expire after that many seconds have passed. Note that the value is the maximum age when the cookie will expire, not the cookie's current age.
A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.
expiry - an integer specifying the maximum age of the cookie in seconds; if negative, means the cookie is not stored; if zero, deletes the cookie
I set maxAge to zero, but it does not work.
When user purchase what he selected to buy, the maxAge of all cookies will be set to zero.and when another user login and select some goods, his choice will be added to the chioce of previous user and show all of them.
I have still problem with them.
Thanking you in anticipation
If both the expiration and the value are not being set, then that is out of your control and the problem is with the browser not changing as requested.
Dear Ben,yes,you are right,but it was one of my assignment to work with cookies and it's features.But as you said session is better than cookies.
You can handle more users from one browser and maintain state over "log outs" easily by placing the name of the cookies is some kind of namespace.
e.g. item="My Book" will be A5EE62_item="My Book"
where the namespace is based on a sessionid or the users loginname (BAEE64 encoded ofcourse) or some hash code over the login name or....
But be aware of the possible security issues since everything is handled on the client side which can be manipulated by everyone.
when another user login and select some goods, his choice will be added to the chioce of previous user and show all of them.
If you are talking about another user on another browser - that sounds like improper use of servlet instance variables instead of sessions.