tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: cookies
Date Mon, 06 Aug 2007 18:38:04 GMT
I just did a responses to this and somehow it got lost ;-(

>Can you post your "cookie finding" code? Also, post the portion of your>(new) code
that /sets/ the cookie. Often, cookie-related issues are tied>to incorrect setting of the
"path" of the cookie. Also, are you using>SSL at all? If so, please describe any changes
from/to SSL requests>during this process.
Sure. My cookie-finding code is just basically this:

 int UserLevel = 4;

 Cookie cookies[] = request.getCookies();
 if ( cookies != null ) {
Length: <%=cookies.length%><p>
 int co;
 Cookie oreo;
 for ( co = 0; co < cookies.length; co++ ) {
 oreo = cookies[co]; 
<%=oreo.getName()%> <%=oreo.getValue()%>
 if ( oreo.getName().equals("UserLevel") ) {
 UserLevel = Integer.parseInt( oreo.getValue() );

You can see I have a couple debug statements. Length is 1
and the only cookie is JSESSIONID 034B86006263B7E9E68EE7A660DC728E.
Though I do see it in the catalina log and the edit->preferences (UserLevel 0).

The cookie-setting is not mine, but rather the person who left. It is kind of complicated
so I will just show the relative parts (you can ignore the else part). As I said it shows
in the log file and edit->preference

if(err.errcode == 0){
 Cookie cok = new Cookie("UserLevel",sUserLevel);
 System.out.println( "Added COOKIE UserLevel: " + sUserLevel );
 Cookie cok = new Cookie("UserLevel","");
 tmpl = wm.getTemplate("login.wm");
 err.errmsg += "Please try again or contact the adminstrator.";
 c.put("errorcode", err.errcode);
 c.put("errormsg", err.errmsg);
 tmpl.write(out, c);

-----Original Message-----
From: Christopher Schultz []
Sent: Monday, August 6, 2007 01:55 PM
To: 'Tomcat Users List'
Subject: Re: cookies

Hash: SHA1

Tony, wrote:
> He has something called login.html which uses a compiled
> program to set a cookie (response.addCookie( "UserLevel", "value") )
> which adds a cookie called UserLevel with a value retrieved from
> logging in. His other java code does a request.getCookies() and goes
> through the cookies to find "UserLevel" from which he then gets the
> values.

That sounds pretty standard. You ought to be able to replicate this
capability pretty easily.

> My code does the same thing, does
> getCookies[] and looks for "UserLevel". Problem is, it does not find
> it. When I do the Edit->Preferences->"Show Cookies", UserLevel is
> there with the correct value, but all my java jsp code can find is
> the session ID.

Can you post your "cookie finding" code? Also, post the portion of your
(new) code that /sets/ the cookie. Often, cookie-related issues are tied
to incorrect setting of the "path" of the cookie. Also, are you using
SSL at all? If so, please describe any changes from/to SSL requests
during this process.

> Does anyone know what I am doing wrong, or how I can get the
> recently-added cookie?
> I am using firefox.

Oh, good. There are several tools available for ff that are useful in
this regard. LiveHTTPHeaders is an add-on that allows you to snoop the
request and response headers of HTTP transactions. Once installed, you
can just open a LiveHTTPHeaders window and then go through your login
process. You can see the headers for all page requests until you clear
the buffer, so you can verify that, at least, the cookies are being sent

- -chris
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla -


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message