File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes HTML, CSS and JavaScript and the fly likes handling cookies Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "handling cookies" Watch "handling cookies" New topic

handling cookies

venkatesh pendharkar
Ranch Hand

Joined: Apr 29, 2006
Posts: 106
Hi all,
I am writing 1 jsp page in which there is a login button. When clicked on that it calls javascript method"http://test:7010/login_validate.jsp") & opens login_validate.jsp page which is in a differnet context & different app server.
Now while before opening this link i want attach some cookie so that on login_validate.jsp I can validate the cookie & check if the user is valid or not. FOr attaching cookie I am using this function
setCookie("CSRWebsiteLoginCookie", '<%=sEncryptedUserId%>', expires, path);
& the funtions is

here when i run the code i see that cookie is created on the machine(cookies folder) from which login button was clicked, but on the machine where login_validate.jsp is saved , cookie is not received. That means although cookies is getting created it is not getting sent with link.
Can anyone tell me why this is happening & how to solve it??

[BSouther: Added UBB CODE tags]
[ September 21, 2007: Message edited by: Ben Souther ]
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

Browsers are very strict about not allowing cookies to be read or written across domains.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
venkatesh pendharkar
Ranch Hand

Joined: Apr 29, 2006
Posts: 106
Hi Ben Thanks for the reply,
I understood that it is not possible for me to send cookie from one domain to another domain.
So is there any way by which i can send some hidden values through function. Because i can not use cookies & i cant even attach the value that i want to send to the link using '?'. eg http://test:7010/login_validate.jsp?uid<>134994903 although im encrypting this value, if someone els copies this then he will be able to login to our system.
So i want to send the userId as hidden or secured field. can anyone suggest anything....
Eric Pascarello

Joined: Nov 08, 2001
Posts: 15385
Most people that use links to be able to login use a hash that has the information needed and the expiration time so the link onl woks for XXX minutes.

I agree. Here's the link:
subject: handling cookies
It's not a secret anymore!