Cookie

Configuration for session tracking through HTTP cookies. It is the most used session tracking mechanism. Servlet containers are required to support it. A container sends a cookie to the client. The client will return the cookie on each subsequent request to the server, to associate the request with a session.



 

Attributes Summary

name Specifies a unique name for the cookie.
domain The value of the domain field of a session tracking cookie.
maximumAge The amount of time that the cookie will live on the client browser.
path The paths (on the server) to which the session tracking cookie will be sent.
secure Whether session cookies include the secure field.

 

Attribute Details


name

Specifies a unique name for the cookie. The name must be JSESSIONID as specified in the Servlet 2.2 API.

Data type:   String
Default value:   JSESSIONID



domain

The value of the domain field of a session tracking cookie. This value will restrict where the cookie is sent. For example, if you specify a particular domain, session cookies will be sent only to hosts in that domain.

Data type:   String
Default value:   unspecified



maximumAge

The amount of time that the cookie will live on the client browser. This value corresponds to the Time to Live (TTL) value described in the Cookie specification.

Data type:   Integer
Default value:   -1



path

The paths (on the server) to which the session tracking cookie will be sent. Specify any string representing a path on the server. To indicate the root directory "/", leave the field blank.Specify a value in order to restrict the paths to which the cookie will be sent. By restricting paths, you can keep the cookie from being sent to certain URLs on the server. If you specify the root directory, the cookie will be sent no matter which path on the given server is accessed.

Data type:   String
Default value:   /



secure

Whether session cookies include the secure field. When enabled, restricts the exchange of cookies to only HTTPS sessions.

Data type:   Boolean
Default value:   false