my dog learned polymorphism
The moose likes Servlets and the fly likes creating cookies across domains Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "creating cookies across domains" Watch "creating cookies across domains" New topic

creating cookies across domains

Rolf Johansson
Ranch Hand

Joined: Feb 25, 2004
Posts: 32
I have a servlet create 2 cookies, then perform a redirect to another URL (on another server) which needs these 2 cookies. My redirect works fine, but the application behind the other URL does not "see" these 2 cookies.
As a test, I wrote 2 simple servlets. One servlet adds the cookies to the response and performs the redirect to a servlet on the same server. The servlet to which I redirect simply looks at all the cookies in the request. The servlet to which the redirect is performed does not find the 2 cookies the first servlet adds to the response. (snippets below)

Any ideas why the cookies cannot be added / retrieved? Any help appreciated.

JDK 1.5
apache-tomact 6.0.10

Code to add cookies:

Code to retrieve cookies from request--never finds the 2 added?

[ February 16, 2008: Message edited by: Bear Bibeault ]
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

Browsers won't send cookies set by one domain to another.
This is by design and has nothing to do with Tomcat.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Rolf Johansson
Ranch Hand

Joined: Feb 25, 2004
Posts: 32
all URLs and servlets are in the same domain--I denoted the doamin as
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
I'd test whether the cookies

a) are set correctly (by examining the cookies stored in the browser)


b) whether they're sent to the 2nd server (using a tool like the LiveHttpHeaders extension for Firefox)
William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 13037
For a precise statement of the rules cookies are supposed to obey, search for RFC 2965 "HTTP State Management Mechanism"

I agree. Here's the link:
subject: creating cookies across domains
It's not a secret anymore!