[ Team LiB ] Previous Section Next Section

Recipe 10.4 Reading Cookie Values with a Servlet


You want to read cookie values from a client using a servlet.


Create a Java array of javax.servlet.http.Cookie objects by calling the HttpServletRequest.getCookies( ) method. Then cycle through the array, accessing each cookie and value as needed.


The web user will send cookies to a web site only if the user originally received Set-Cookie headers from that domain. In addition, if the cookie was set with a Path attribute specifying a context path, then the servlet can access the cookie only if the servlet is also associated with the context path. As a result, always test the return value of the request.getCookies( ) method (which returns an array of Cookie objects) to see if it is null, indicating that the user has not sent any cookies, before operating upon it.

Example 10-5 displays the value of any found cookies in a web browser. The CookieReader class uses the javax.servlet.http.Cookie.getName( ) and getValue( ) methods in order to display this information.

Example 10-5. A cookie-reading servlet
package com.jspservletcookbook;           

import javax.servlet.*;
import javax.servlet.http.*;

public class CookieReader extends HttpServlet {

  public void doGet(HttpServletRequest request, 
    HttpServletResponse response) throws ServletException,
    java.io.IOException {
      Cookie cookie = null;
      //Get an array of Cookies associated with this domain
      Cookie[] cookies = request.getCookies( );
      boolean hasCookies = false;
      //if cookies contains an array and not a null value,
      //then we can display information about the cookies.
          if (cookies != null)
          hasCookies = true;
      // display the name/value of each cookie
      java.io.PrintWriter out = response.getWriter( );
      out.println("<title>Cookie information</title>");  
      if (hasCookies){
            "<h2> The name and value of each found cookie</h2>");
          for (int i = 0; i < cookies.length; i++){
              cookie = cookies[i];
                "Name of cookie #"+(i + 1)+": "+cookie.getName( )+"<br>");
                "Value of cookie #"+(i + 1)+": "+
                  cookie.getValue( )+"<br><br>");
      } else {
            "<h2> This request did not include any cookies</h2>");
  public void doPost(HttpServletRequest request, 
    HttpServletResponse response) throws ServletException,
     java.io.IOException {

The javax.servlet.http.Cookie class is an abstraction of a cookie that has getter and setter methods for a cookie's attributes, such as its name, value, path, and secure attributes. However, when you retrieve a cookie, you can only get its name and value, because this is the only information that the client includes in the request header. The Cookie request header looks like:

Cookie: JSESSIONID=F80F0F571FDE4873CFF3FF0B842D4938; mycookie=1051610231064

For example, calling Cookie.getPath( ) on a retrieved cookie will return null, even if the cookie was originally set with a valid path attribute, such as /mypath. You can only access these values in the servlet or JSP that creates the cookie object in the first place (see Recipe 10.1 and Recipe 10.3).

Figure 10-3 shows how a web browser displays this servlet's output.

Figure 10-3. A servlet displays cookie information

See Also

Recipe 10.1 on setting a cookie with a servlet; Recipe 10.2 on creating an array from all of the request's cookies; Recipe 10.3 on setting a cookie with a JSP; Recipe 10.5 on reading cookie values with a JSP; Recipe 10.6 on altering or removing an existing cookie; the RFC 2109 document dealing with cookies: ftp://ftp.rfc-editor.org/in-notes/rfc2109.txt; Netscape's preliminary specification for cookies: http://wp.netscape.com/newsref/std/cookie_spec.html; the Java Cookie API: http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/Cookie.html.

    [ Team LiB ] Previous Section Next Section