If you look at the properties of the stored cookies on the client machine, you will see the age (or expiry time) is correctly set.
But as per Netscape cookie specification , client is required to send only cookie name and value, hence the browser does not send expiry time for the cookies it sends to server.
Hence, the servlet api on server side defaults the value to the recieved cookies to -1. And, yes, if you get the cookie from cookie array on request object, then cookie.getMaxAge() will always return -1.
I googled with "difference encodeURL and encodeRedirectURL" and found this interesting discussion. [ October 12, 2004: Message edited by: Susanta Chatterjee ]
Joined: Sep 07, 2004
Gosh! That explains clearly why I always get -1 : ) ... and I found that at least both IE and Firefox never returns the expiration date, only the "required" name and value, when I looked in the header using request.getHeader("COOKIE"). And now I will read through that information about encodeURL and encodeRedirectURL that you linked to.