Hi,
I don't know if this will solve your problems, but it's worth noting a couple of things.
1) From your sample code it seems that you are creating or modifying a cookie in your servlet and then "forwarding" the request to your jsp and expecting the changes to the cookie to be visible right away in your jsp. This may be your problem.
I'm assuming that your jsp finds the cookie by calling the "request.get Cookies()" method, which returns an array of cookies that were saved on your client's hard drive and were submitted along with the request. When you create or modify a cookie it saves it back to your client's hard drive by adding it to the "response" object (response.addCookie). This means it doesn't get saved back to the client's hard drive until the request's trip completes. The request does not complete its trip until after it's done with the jsp you "forwarded" to as well. Since the jsp looks for the cookie in the "request" object, it does not see these changes until you complete the trip and then hit it a second time . . . The same is true for when you expire a cookie (setting max-age to 0). Your jsp won't know the cookie's max-age was changed in the servlet unless the trip (back to your client) was completed in the interim.
One way to get around this, is by having your servlet "redirect" to the jsp (response.sendRedirect). Unlike "forwarding", redirecting does complete the trip first, and only then does it come back to your jsp with the newly created/modified/expired cookie in tow . . .
2) The second point is something you mentioned about setting the max-age and not seeing it in the cookie. I too seem to recall debugging a servlet (using Visual Age for Java) and peering in on the contents of a cookie I created, and noticing that the max-age was always -1. This was true for all cookies even those that did in fact have a different max-age (meaning they were in fact expiring after a designated time, yet I still wasn't seeing their true max-age value when debugging it). Since this wasn't an actual problem (like I said the cookies were expiring at the designated time), I never pursued it any further . . .
Good luck . . .
[ June 09, 2002: Message edited by: Mayer Salzer ]