WOCookie

Inherits from:
Object

Package:
com.webobjects.appserver

Class Description

WOCookie is used for the creation and setting of cookies in your response objects. A cookie allows for the persistent storage of client state. Instead of using a WOSession object (which can potentially have a shorter life span), a cookie allows server-side applications to store state in client browsers for a specific or indeterminate amount of time. An advantage to cookies is that the data will be stored on the client and not on the server, allowing the server to maintain less state information. A specific advantage in WebObjects applications is that cookies allow the server to put state into the browser that is not bound to a session. Hence, the client can "leave" your application and return with its cookie's state intact.

A WOCookie object defines a cookie that can be added to the HTTP header for your response. You create a cookie using the static method cookieWithName.

To add or remove cookies from the response, use the WOMessage methods addCookie and removeCookie. To retrieve cookie data, use the WORequest methods cookieValues, cookieValueForKey, and cookieValuesForKey. WORequest returns the data as name/value pairs and not as WOCookie objects, since browsers don't return the additional data WOCookies provide, such as path name and expiration date.

For more information about cookies and their implementation details, see Netscape's preliminary specification at http://www.netscape.com/newsref/std/cookie_spec.html and RFC 2109 - HTTP State Management Mechanism at http://www.cis.ohio-state.edu/htbin/rfc/rfc2109.html.

If and when new details evolve in the implementation of cookies, you can subclass WOCookie and implement new behaviors. Pay particular attention to how you override headerString, which WOResponse uses to fill the HTTP response with a header string.

Method Types

Constructors
WOCookie
Creation
cookieWithName
Obtaining a cookie's attributes
domain
expires
headerString
isSecure
name
path
value
Setting a cookie's attributes
setDomain
setExpires
setIsSecure
setName
setPath
setValue

Constructors

WOCookie

public WOCookie ( String aName, String aValue, String aPath, String aDomain, NSTimestamp aDate, boolean isSecure)

This method is deprecated. Do not use it.

public WOCookie ( String aName String aValue String aPath String aDomain int timeout boolean isSecure)

This constructor initializes a newly-instantiated WOCookie with a name, value, path, domain, date, and a security flag.

public WOCookie( String aName, String aValue)

This constructor initializes a newly-instantiated WOCookie with just a name and its value.

A note on time out periods: time out periods are in seconds; a negative time out period indicates no time out; a time out of zero indicates expiration of all cookies with the given name.

Static Methods

cookieWithName

public WOCookie ( String aName, String aValue, String aPath, String aDomain, NSTimestamp aDate, boolean isSecure)

This method is deprecated. Do not use it.

public static WOCookie cookieWithName( String aName, String aValue)

Creates and returns a cookie with just a name and its value. This method sets the path attribute to your application's path.

public static WOCookie cookieWithName ( String aName String aValue String aPath String aDomain int timeout boolean isSecure)

Creates and returns a cookie, specifying all its attributes. For more information, see the descriptions of the methods that return attribute values.

A note on time out periods: time out periods are in seconds; a negative time out period indicates no time out; a time out of zero indicates expiration of all cookies with the given name.

See Also: domain, expires, isSecure, name, path, value

Instance Methods

domain

public String domain()

Returns the value of the cookie's "domain" attribute. It's of the form "companyname.com".

expires

public NSTimestamp expires()

This method is deprecated. Do not use it.

headerString

public String headerString()

Returns the string that will be used in the HTTP header. The returned string has the format:

Set-cookie: name=value; expires=date; path=path; domain=domain; secure;

The calendar format for the expiration date is:


@"%A, %d-%b-%Y %H:%M:%S GMT"

where all times are converted relative to Greenwich Mean Time.

This method is called by WOResponse when generating the response.

isSecure

public boolean isSecure()

Returns the cookie's "secure" attribute. This attribute specifies whether the cookie should be transmitted only with secure HTTP. The default value is false.

name

public String name()

Returns the cookie's "name" attribute. The name is similar to the key of a dictionary or hash table. Together, the name and value form the cookie's data.

path

public String path()

Returns the value of the cookie's "path" attribute. Cookies for a specific path are sent only when accessing URLs within that path. For more information on cookies and their paths, see Netscape's preliminary specification at http://www.netscape.com/newsref/std/cookie_spec.html and RFC 2109 - HTTP State Management Mechanism at http://www.cis.ohio-state.edu/htbin/rfc/rfc2109.html.