This section covers the following topics:
Cookies are a way of storing data on the client side. They have been used extensively for personalization of portal sites, user preference tracking, and logging into web sites. For enterprise customers using cookies in their web sites, cookie support in Java Plug-in facilitates deployment of client-side Java.
Cookie support allows a Java component to pass a cookie back to a web server
if that cookie originated from the web server. This provides the server with
information about the state of the client. Java Plug-in provides bidirectional
cookie support.
Java Plug-in provides cookie support through the browser API. Because browsers on different platforms implement the browser's API differently, cookie support in Java Plug-in varies according to platform.
When a browser makes an HTTP/HTTPS request through a URL connection, it normally checks the cookie cache and policy to determine if a cookie should be sent along with the HTTP/HTTPS request header. If so, the browser will read the cookie from the cache and append the cookie as part of the HTTP/HTTPS request header.
When a browser processes the HTTP/HTTPS respond header through a URL connection, it will check the header to see if any cookies should be set. The browser also checks the cookie policy to determine if the action is allowed. If so, it will extract the cookie from the HTTP/HTTPS respond header and write it into the cookie cache.
When an HTTP/HTTPS request is made using Java Plug-in, Java Plug-in consults the browser to determine if a cookie should be sent along. If so, the HTTP/HTTPS request will contain the cookie as part of the header. Otherwise, the HTTP/HTTPS request will be sent with no cookie attached.
When a cookie needs to be set from the HTTP/HTTPS respond header, Java Plug-in uses the browser API to do so.
Cookie support in Java Plug-in is triggered transparently when an HTTP/HTTPS connection needs to be made.
When using Java Plug-in with Netscape 4, cookie support works only if the codebase
is the same or a subdirectory of the document base. See examples in the table
below:
|
Document Base
|
Codebase
|
Will It Work?
|
http://host.com/my/ |
http://host.com/my/ |
Yes |
http://host.com/my/ |
http://host.com/my/page |
Yes |
http://host.com/my/page/ |
http://host.com/my/ |
No |
To ensure that cookie support in Java Plug-in always works as expected, the following is recommended:
The above recommendations apply to an intranet environment, where deployment
of browsers and web servers is controllable.
Java Plug-in supports all cookie policies that are supported in both Internet Explorer and Netscape Navigator. Cookie policy can be configured in both browsers (see your browser guide for details). There are various options, including the following:
When cookie policy is changed in the browser, it will take effect the next time an HTTP/HTTPS connection is made via Java Plug-in.
Java Plug-in does not provide cookie-caching support. Instead, it consults
the browser every time an HTTP/HTTPS connection is made. Any change to a cookie
in the browser is reflected immediately in Java Plug-in when a new HTTP/HTTPS
connection is made.