This week's book giveaway is in the OCAJP 8 forum.
We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line!
See this thread for details.
The moose likes HTML, CSS and JavaScript and the fly likes handling cookies Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "handling cookies" Watch "handling cookies" New topic

handling cookies

venkatesh pendharkar
Ranch Hand

Joined: Apr 29, 2006
Posts: 106
Hi all,
I am writing 1 jsp page in which there is a login button. When clicked on that it calls javascript method"http://test:7010/login_validate.jsp") & opens login_validate.jsp page which is in a differnet context & different app server.
Now while before opening this link i want attach some cookie so that on login_validate.jsp I can validate the cookie & check if the user is valid or not. FOr attaching cookie I am using this function
setCookie("CSRWebsiteLoginCookie", '<%=sEncryptedUserId%>', expires, path);
& the funtions is

here when i run the code i see that cookie is created on the machine(cookies folder) from which login button was clicked, but on the machine where login_validate.jsp is saved , cookie is not received. That means although cookies is getting created it is not getting sent with link.
Can anyone tell me why this is happening & how to solve it??

[BSouther: Added UBB CODE tags]
[ September 21, 2007: Message edited by: Ben Souther ]
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

Browsers are very strict about not allowing cookies to be read or written across domains.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
venkatesh pendharkar
Ranch Hand

Joined: Apr 29, 2006
Posts: 106
Hi Ben Thanks for the reply,
I understood that it is not possible for me to send cookie from one domain to another domain.
So is there any way by which i can send some hidden values through function. Because i can not use cookies & i cant even attach the value that i want to send to the link using '?'. eg http://test:7010/login_validate.jsp?uid<>134994903 although im encrypting this value, if someone els copies this then he will be able to login to our system.
So i want to send the userId as hidden or secured field. can anyone suggest anything....
Eric Pascarello

Joined: Nov 08, 2001
Posts: 15385
Most people that use links to be able to login use a hash that has the information needed and the expiration time so the link onl woks for XXX minutes.

I agree. Here's the link:
subject: handling cookies
It's not a secret anymore!