This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Servlets and the fly likes Cookies Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Cookies" Watch "Cookies" New topic
Author

Cookies

Bharatesh H Kakamari
Ranch Hand

Joined: Nov 09, 2000
Posts: 198
Is it possible to find out from a servlet whether the browser at the client end support Cookies.
For eg many web sites inform that to access their page Cookies have to be supported. If Cookies are not supported then the site exits saying Cookies are not supported.
Randall Twede
Ranch Hand

Joined: Oct 21, 2000
Posts: 4340
    
    2

yes, all you have to do is

if they accept cookies, it wont be null.
------------------
Dont blindly believe everything I say.


SCJP
Visit my download page
kumard
Greenhorn

Joined: Mar 06, 2001
Posts: 4
Originally posted by Bharatesh H Kakamari:
Is it possible to find out from a servlet whether the browser at the client end support Cookies.
For eg many web sites inform that to access their page Cookies have to be supported. If Cookies are not supported then the site exits saying Cookies are not supported.

you can check whether browser is support cookies using method getCookies()
example:
Cookie cookies[] = request.getCookies();
if (cookies != null) {
for (int i=0; i < cookies.length; i++) {
cookie = cookies[i];
if (cookie.getName() != null &&
cookie.getValue() != null &&
cookie.getName().equals(name)) {
value = cookie.getValue();
break;
}

If the browser does not support cookies, or if cookies are disabled, you can still enable session tracking using URL rewriting. URL rewriting essentially includes the session ID within the link itself as a name/value pair. However, for this to be effective, you need to append the session ID for each and every link that is part of your servlet response.

------------------
Angela Lamb
Ranch Hand

Joined: Feb 22, 2001
Posts: 156
Wouldn't the getCookies() method also return null if the person had just cleaned out their cookies file? It wouldn't happen very often, but it's something to consider.
Frank Carver
Sheriff

Joined: Jan 07, 1999
Posts: 6920
"kumard",
The Java Ranch has thousands of visitors every week, many with surprisingly similar names. To avoid confusion we have a naming convention, described at http://www.javaranch.com/name.jsp . We require names to have at least two words, separated by a space, and strongly recommend that you use your full real name. Posts which contravene the naming convention are not eligible to win books! Please choose a new name which meets the requirements.

Thanks.


Read about me at frankcarver.me ~ Raspberry Alpha Omega ~ Frank's Punchbarrel Blog
Bidyut Padhi
Ranch Hand

Joined: Sep 07, 2000
Posts: 121
You can use Url re-writing & cookies Both in the code if the rowser doesnot support cookies then it will follow URL re-writing.
Regards
Bidyut
Vishakha Ahuja
Ranch Hand

Joined: Sep 13, 2000
Posts: 191
What will happen if the browser doesn't support cookies and when we use addCookie() method?
Bidyut Padhi
Ranch Hand

Joined: Sep 07, 2000
Posts: 121
You can use Url re-writing & cookies Both in the code if the rowser doesnot support cookies then it will follow URL re-writing.
Regards
Bidyut
maha anna
Ranch Hand

Joined: Jan 31, 2000
Posts: 1467
A reliable way to find out if a browser accepts cookies or not is, a checkServlet should drop a cookie purposly and try to get back the same cookie.
The getCookies() will return null for the following cases.
1. The browser itself may not support cookies
2. The browser may support but the user could have disabled the feature
3. The browser may support and the user also enabled the feature but there are no cookies set at user's machine
So we can't say what's the real reason. So a better approach could be, we send a cookie ourself and try to get it back.
regds
maha anna
Randall Twede
Ranch Hand

Joined: Oct 21, 2000
Posts: 4340
    
    2

maha is correct of course. getCookies() wouldnt take into account the slim chance that cookies are enabled but the person just deleted them all. So sending and retrieving one is better. Just a bit more coding. Oftentimes you will probably want to send them one anyway.
Val Dra
Ranch Hand

Joined: Jan 26, 2001
Posts: 439
if cookies are disabled this means that the session object is not available to us is this correct ? we can't use it right ? now this is just a qquestion let's say cookies are working and i am using session to store some object temporarily in it for later use , where would i store it if the session object is not available to me ? do i serialize it and store it in a file later ? how would one handle this ?
------------------
Val SCJP
going for SCJD


Val SCJP <BR>going for SCJD
Bharatesh H Kakamari
Ranch Hand

Joined: Nov 09, 2000
Posts: 198
Thanks all for the detailed explanation related to Cookies. Maha Anna is one of the persons without whose contributions to this site I would not have completed my SCJP2 41 mock exams are a journey to SCJP2.

maha anna
Ranch Hand

Joined: Jan 31, 2000
Posts: 1467
val,
In servlets session management is done like this.
For a web application there is a master session hashtable.
Master sessions Hashtable
-------------------------
Key value
---------------
ssnId1 ref_to_another_Hashtable_obj (assume it is HT1) // got from request.getSession("true")
ssnId2 ref_to_another_Hashtable_obj (HT2) //same as above
ssnId3 ref_to_another_Hashtable_obj (HT3)

HT1
---
Key value
-------------------
"fname" "val" // upd from session.setAttribute("fname","val")
"lname" "dra" // upd from session.setAttribute("lname","dra")
Basically how session management is done is , when the appln creates a new session for each user, the session object's ref (in other words sessionId) is kept in a master sessions table AND sent to browser when some data is sent to browser.
The sessionId has to be returned back to servlet from the browser when next time another request comes from the same user in order to keep track of the same user. So somehow we have to store the sessionId at user. It is done in one of 2 ways.
1. steal a very small chunk of user's hard disk and save it as cookie
2. Or append the sessionId purposly with each link from the pages of your appln which are all makes a request to web appln. It is called URL-rewriting.
Coming back to your question,
Cookies disabled does mean the session is lost if and only if our session management is done using only cookies.
If we follow the routine work of url-rewriting, then we can still make the sessions alive though the cookies can't be accepted at the browser.There are methods available as response.encodeUrl / response.encodeRedirectUrl etc to append the sessionIds to links.
I try to cut and paste some related code from one of web applns when i followed this approach soon.
regds
maha anna
Val Dra
Ranch Hand

Joined: Jan 26, 2001
Posts: 439
thanks, it's just that in asp if the cookies are disabled the use of session is useless because you can't keep track of the user using session then but like you said there was an option of urlrewriting.It's improovement i see in jsp over asp.
Bhupinder Dhillon
Ranch Hand

Joined: Oct 12, 2000
Posts: 124
Originally posted by Frank Carver:
"kumard",
The Java Ranch has thousands of visitors every week, many with surprisingly similar names. To avoid confusion we have a naming convention, described at http://www.javaranch.com/name.jsp . We require names to have at least two words, separated by a space, and strongly recommend that you use your full real name. Posts which contravene the naming convention are not eligible to win books! Please choose a new name which meets the requirements.

Thanks.

Frank, why do you guys allow a user to register with one word in the first place?
Cindy Glass
"The Hood"
Sheriff

Joined: Sep 29, 2000
Posts: 8521
The software that JavaRanch is built on is UBB. It does not do any edits on what the user ID can be. If Paul tries to hack into the base software (which is NOT java) then each time he upgrades he has to re-work the hacks.
He is currently saving up for an upgrade to UBB6. So any ideas for hacks are not well timed even if he chose to try them.


"JavaRanch, where the deer and the Certified play" - David O'Meara
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Cookies
 
Similar Threads
remember user password in jsp/java
WA #1.....word association
on Cookies
Session sharing (JSP-PHP)
handling next and back buttons in javascript