• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Cookies & ServletFilters on Geronimo

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Apologies for revisiting a perennial topic but I'm struggling to delete a cookie.
Basically I have a session cookie that I want to access in a servlet filter then delete (expire). The code I'm using looks like this, in the doFilter method of the filter:

This appears to work fine, but the next time the user submits a request, the cookie is still there with a maxAge of -1. I'm using the Geronimo webserver.
Has anyone seen this before, and knows what I'm doing wrong?

Thanks,

John
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I wouldn't mess with the session cookie behind the servlet container's back. Try calling HttpSession.invalidate() instead.
 
John Simpson
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ulf,

I invalidate the session when the user logs out, but I want to destroy the cookie when they are still in the application.
The cookie is set by an authentication process. I want to use the data in the cookie when the user logs in, then delete the cookie, so that if the user logs out but doesn't close the session window they are forced to log back in (rather than just re-using the old cookie).

Thanks,

John
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Is this a cookie you are setting, or are you talking about the cookie that the container creates to maintain the session?
 
John Simpson
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The cookie is created by an authentication service which I call from the login screen. It is not the JSESSIONID cookie.
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by John Simpson:
It is not the JSESSIONID cookie.


Ah, your original post can be read to mean that it is the jSESSIONID cookie to which you are referring.
 
John Simpson
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My apologies, that is not what I meant to imply. The cookie I am trying to remove is created by an application with a maxAge of -1. And despite my best efforts its maxAge stays at -1.
[ January 04, 2008: Message edited by: John Simpson ]
 
Live a little! The night is young! And we have umbrellas in our drinks! This umbrella has a tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic