Cookie Handling (Login & Logout)

**leo.dosdos** · 2010-03-25 09:55:49

leo.dosdos
Administrator
Offline

Registered: 2009-10-16
Posts: 2

Topic: Cookie Handling (Login & Logout)

1. When the user logs in and his credentials have been validated, put a cookie in the users browser indicating that he has logged in. For example.

Cookie cookie = new Cookie("is_login", "true");
cookie.setPath(WbdCache.getWebappPrefix());
response.addCookie(cookie);

2. Aside from the cookie, you need to add a flag in the request object, so that if you have a Production Helper that will be checking for the login status before the current process has returned to the user's browser, your Production Helper will get the correct value.

LoginRequestHandler:

WbdSession.setTemporaryValue(uh.getCredentials(), "loginStatus", "true");

LoginProductionHelper:

String isLoginTempStr = WbdSession.getTemporaryValue(ud.getCredentials(), "loginStatus");

If you placed the login cookie in the HttpServletResponse object and the page goes through the Login Production Helper, the production helper won't be able to find the cookie from the HttpServletRequest object since it is independent from the HttpServletResponse object. It needs to make a full cycle to the user's browser before the cookie is placed in the request object.

3. When logging out remove the cookie by expiring it and again set the login flag in the request object to false for the production helper.

Cookie[] cookies = request.getCookies();
for (Cookie c : cookies) {
    if (c.getName().equals("is_login")) {
    c.setMaxAge(0);
    response.addCookie(c);
    break;
    }
}
WbdSession.setTemporaryValue(uh.getCredentials(), "loginStatus", "false");

Cookie Handling (Login & Logout)

Posts [ 1 ]

1 Topic by leo.dosdos 2010-03-25 09:55:49

Topic: Cookie Handling (Login & Logout)

Posts [ 1 ]