You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jose Euclides da Silva Junior - DATAPREVRJ <Jo...@rj.previdenciasocial.gov.br> on 2003/08/01 14:49:14 UTC
RES: Cookie problem max age problem - Best practice to solve it
Thanks for your attention! The question stays alive because this plugin runs
fine on OC4J(Oracle) environment, but its always a failure on Tomcat env.
Any other help would be appreciated.
Euclides.
-----Mensagem original-----
De: srevilak@g88.net [mailto:srevilak@g88.net]
Enviada em: quinta-feira, 31 de julho de 2003 09:32
Para: 'tomcat-user@jakarta.apache.org'
Assunto: Re: Cookie problem max age problem - Best practice to solve it
> From: Jose Euclides da Silva Junior - DATAPREVRJ
> Subject: Cookie problem max age problem - Best practice to solve it
> this question is very important to me. My application works with an
external
> authentication app ( like a plugin).When the user is logged, a browser
> cookie is created. The problem stays whenever the user asks for a logout
> process and the external app tries to "kill" its cookie (created before by
> the app), probably setting cookie's max age to 0, i guess. But TomCat
doesnt
> know that this cookie is already killed, because it just fetch the name
and
> value. So, i would like any tips about best practice on solving this kind
> of problem.
Cookie exchanges fall into one of two categories:
- what the server sends to the client
- what the client sends back to the server
Tomcat wouldn't fetch the value; the client's browser sends it.
Setting the max age of a cookie to zero is the proper way to delete a
cookie. When doing the deletion, are you sure that the name, domain,
and path values are identical to the ones used when the cookie was
initially set?
--
Steve
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: RES: Cookie problem max age problem - Best practice to solve it
Posted by sr...@g88.net.
srevilak> Setting the max age of a cookie to zero is the proper way to
srevilak> delete a cookie. When doing the deletion, are you sure that
srevilak> the name, domain, and path values are identical to the ones
srevilak> used when the cookie was initially set?
jose> Thanks for your attention! The question stays alive because this
jose> plugin runs fine on OC4J(Oracle) environment, but its always a
jose> failure on Tomcat env. Any other help would be appreciated.
jose> Euclides.
It's perfectly okay for a cookie to be set by one application, then
removed by another.
What are the values used for domain, path, and name when the cookie is
set? Most useragents provide a way to have the user prompted for each
cookie. That would be a helpful thing to do in this case.
What are the values used for domain, path, and name when the cookie is
deleted?
While domain and path are set when sending a cookie, the client only
sends back the name and value pair (domain and path are used by the
client in determining what cookies to send). As a result, something
like this won't work
deleteCookie.setDomain(cookieFromClient.getDomain());
hth.
--
Steve
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: RES: Cookie problem max age problem - Best practice to solve it
Posted by sr...@g88.net.
srevilak> Setting the max age of a cookie to zero is the proper way to
srevilak> delete a cookie. When doing the deletion, are you sure that
srevilak> the name, domain, and path values are identical to the ones
srevilak> used when the cookie was initially set?
jose> Thanks for your attention! The question stays alive because this
jose> plugin runs fine on OC4J(Oracle) environment, but its always a
jose> failure on Tomcat env. Any other help would be appreciated.
jose> Euclides.
It's perfectly okay for a cookie to be set by one application, then
removed by another.
What are the values used for domain, path, and name when the cookie is
set? Most useragents provide a way to have the user prompted for each
cookie. That would be a helpful thing to do in this case.
What are the values used for domain, path, and name when the cookie is
deleted?
While domain and path are set when sending a cookie, the client only
sends back the name and value pair (domain and path are used by the
client in determining what cookies to send). As a result, something
like this won't work
deleteCookie.setDomain(cookieFromClient.getDomain());
hth.
--
Steve