JSP - Cookies 

In JSP (JavaServer Pages), cookies are small pieces of data that can be stored on the client-side (user's browser) by the web server. Cookies are commonly used for session management, tracking user preferences, and maintaining stateful information across multiple requests.

To work with cookies in JSP, you use the HttpServletResponse object to set cookies and the HttpServletRequest object to retrieve them. JSP provides implicit objects for both request and response, so you can access them directly in your JSP pages.

Here's how you can use cookies in JSP:

1. Setting a Cookie:

To set a cookie, you use the HttpServletResponse object's addCookie() method. This method takes an instance of the Cookie class as a parameter, where you can specify the name and value of the cookie, as well as other optional attributes like the path and expiry date.

<%@ page import="javax.servlet.http.Cookie" %>

<%

    // Create a new cookie

    Cookie cookie = new Cookie("username", "john_doe");

    // Set additional attributes (optional)

    cookie.setPath("/"); // The cookie will be accessible from all pages on the server

    cookie.setMaxAge(3600); // The cookie will expire in 1 hour (3600 seconds)

    // Add the cookie to the response

    response.addCookie(cookie);

%>

2. Retrieving a Cookie:

To retrieve a cookie, you use the HttpServletRequest object's getCookies() method, which returns an array of Cookie objects. You can then loop through the array to find the desired cookie by its name.

<%@ page import="javax.servlet.http.Cookie" %>

<%

    // Get the cookies from the request

    Cookie[] cookies = request.getCookies();

    // Search for the desired cookie by name

    String username = null;

    if (cookies != null) {

        for (Cookie cookie : cookies) {

            if ("username".equals(cookie.getName())) {

                username = cookie.getValue();

                break;

            }

        }

    }

    // Use the retrieved username

    if (username != null) {

        out.println("Welcome back, " + username + "!");

    } else {

        out.println("Welcome, new user!");

    }

%>

3. Deleting a Cookie:

To delete a cookie, you set its expiry date to 0 and add it back to the response. The browser will then remove the cookie.

<%@ page import="javax.servlet.http.Cookie" %>

<%

    // Create a new cookie with the same name as the one you want to delete

    Cookie cookie = new Cookie("username", "");

    // Set the cookie's maxAge to 0 to delete it

    cookie.setMaxAge(0);

    // Add the cookie to the response

    response.addCookie(cookie);

%>

Remember that cookies are stored on the client-side, and users have the option to disable or delete cookies from their browsers. Therefore, cookies are not suitable for storing sensitive data or critical session information. For more secure session management, consider using other session tracking mechanisms like URL rewriting or HttpSession objects.

Example of using cookies in JSP to remember and greet the user with their name. 

Step 1: Create index.jsp

<!DOCTYPE html>

<html>

<head>

    <title>Welcome</title>

</head>

<body>

    <h1>Welcome to our website!</h1>

    <%-- Check if the username cookie exists --%>

    <%

        String username = null;

        Cookie[] cookies = request.getCookies();

        if (cookies != null) {

            for (Cookie cookie : cookies) {

                if ("username".equals(cookie.getName())) {

                    username = cookie.getValue();

                    break;

                }

            }

        }

    %>

    <%-- If username cookie exists, greet the user --%>

    <% if (username != null) { %>

        <p>Hello, <%= username %>! Welcome back!</p>

    <% } else { %>

        <p>Please enter your name:</p>

        <form action="saveUsername.jsp" method="post">

            <input type="text" name="username" required>

            <input type="submit" value="Submit">

        </form>

    <% } %>

</body>

</html>

Step 2: Create saveUsername.jsp

<%@ page import="javax.servlet.http.Cookie" %>

<%

    // Get the username from the submitted form data

    String username = request.getParameter("username");

    // Create a new cookie

    Cookie cookie = new Cookie("username", username);

    // Set the cookie's expiry (e.g., 30 days from now)

    int maxAge = 30 * 24 * 60 * 60; // 30 days in seconds

    cookie.setMaxAge(maxAge);

    // Add the cookie to the response

    response.addCookie(cookie);

%>

<!DOCTYPE html>

<html>

<head>

    <title>Username Saved</title>

</head>

<body>

    <h1>Thank you, <%= username %>, your name has been saved!</h1>

    <p>You will now be greeted with your name when you visit the website again.</p>

    <p><a href="index.jsp">Go back to the main page</a></p>

</body>

</html>

In this example, when the user first visits index.jsp, the page checks if a cookie named "username" exists. If it does, the user is greeted with their name. If the cookie doesn't exist, the user is asked to enter their name in a form. When the form is submitted to saveUsername.jsp, it saves the username as a cookie with an expiration time of 30 days. The next time the user visits index.jsp, they will be greeted with their name.