Sharing Browser Cookies With Java Applets

Q: Each time my Java Applet opens URLConnections to a server process, a new session with the server is generated. Why doesn't the Applet just use the cookie from its host browser?

A: Prior to Java 1.4.1 Update 1 for Mac OS X 10.2, the Java Plugin did not share cookies with the web browser they are embedded in. This results in separate sessions for the applet's HTTP connections and those of the browser, which can be problematic for some web applications. The problem can be solved, however, by forcing the browser's cookie upon the Applet. This does require code changes, but is reliable across browsers and versions of Mac OS X Java (1.3.1 and 1.4.1).

Note: This problem does not exist in Safari as of Java 1.4.1 Update 1 for Mac OS X 10.2, including all Java 1.4 releases on Mac OS X 10.3 and above. This Q&A is only applicable to developers wishing to support browsers other than Safari which continue to use Java 1.3. Developers requiring Java 1.4 on Mac OS X 10.2 can simply request that users download Java 1.4.1 Update 1 for free via Software Update.

Listing 1 demonstrates the HTML code required to start the process. The entire APPLET tag is written out using JavaScript, and the browser's cookie is written as a PARAM to the Applet via the Document.cookie JavaScript property. This simple HTML and JavaScript can easily be inserted into a JSP or Servlet, or any other dynamic mechanism.

Listing 1: Sending the browser cookie to an Applet.

<HTML>
    <BODY>

    <SCRIPT LANGUAGE="JavaScript"><!--
      // If cutting and pasting, remove line breaks from this writeln code
      document.writeln("<APPLET codebase=\".\"
        code=\"CookieCommune.class\"
        name=\"CookieCommune\" >");
        document.writeln("<PARAM name=\"browserCookie\"
        value=\"" + document.cookie + "\">");
      document.writeln("</APPLET>");
    --></SCRIPT>

  </BODY>
</HTML>

The second part of the process is within the Applet itself, where the cookie parameter is fetched and used in all subsequent HTTP connections that the Applet needs to make by setting the "Cookie" request property. Listing 2 shows what this code might look like.

Listing 2: Using the browser cookie inside an Applet.

import java.net.*;
  public class CookieCommune extends java.applet.Applet {

    private URL serverURL;
    public void init() {
      try {
       serverURL = new URL("http://mystatefulserver.com/talk.cgi");
      } catch (MalformedURLException e) {}
      super.init();
    }
    public void start() {

      try {
        // COOKIE SHARING: take browser cookie from Applet params
        URLConnection conn = serverURL.openConnection();
        // Attach browser cookie to URLConnection
        conn.setRequestProperty)"Cookie", getParameter("browserCookie"));
      } catch (java.io.IOException e) {}
      // .... use our new cookie-friendly Applet connections!
    }
  }

The result is an Applet that uses the same cookie information as its host browser every time, even through browser refreshes (where the original problem typically manifests). The demonstrated solution should be pluggable across various server applications, as well as any browser that uses Java 1.3.1 or Java 1.4.1 to run Applets on Mac OS X 10.2.

Document Revision History

DateNotes
2004-10-13Cited problem resolution in 1.4.1 Update 1 (for Jaguar) and later.
2003-09-11Creating a persistent browser session (cookie) inside Java 1.3 Applets

Posted: 2004-10-13


Did this document help you?
Yes: Tell us what works for you.
It’s good, but: Report typos, inaccuracies, and so forth.
It wasn’t helpful: Tell us what would have helped.