There are 2 problems with your code.
1) Since you are forwarding the request after setting the cookie, your cookie is deleted. Any headers or cookies that you set before the forward method are deleted. If the header/cookie is sent to the client before you call the forward, you'll get the IllegalStateException.
2) The way you are checking the cookie is not right. To test the cookie, you must send the response once to the client before checking if the cookies exist. If you set cookies on the server side and check for cookies directly on the server, there won't be any cookies. Let me explain it in simpler language. The first request is received by the servlet, there aren't any cookies in the request object. You set the cookies in the response object, this doesn't mean that the request object will now contain those cookies. The cookies will come in the next request from the browser. So the correct code would be something like this
When you first request this servlet, you won't get any cookies, on the next request you'll be able to see the cookie in the output...