Now that you've mastered the basics, it's time to bring out thebig iron. This week, The JSP Files explores the various techniquesavailable to "maintain state" on a JSP-based Web site. Learn about theCookie and Session objects, find out how to build a cookie-based hitcounter, and read about a simple yet effective way of protecting sensitiveWeb pages with the Session object.
This is a simple hit counter which creates a cookie the first time the uservisits the Web page, and then increments the counter on each subsequentvisit.
// declare some variables
Cookie cookieCounter = null;
// the cookie you want
String cookieName = "counter";
int cookieFound = 0;
// a few more useful variables
// get an array of all cookies available on client
Cookie cookies = request.getCookies();
// iterate through array looking for your cookie
for(int i=0; i<cookies.length; i++)
cookieCounter = cookies[i];
cookieFound = 1;
// if found
if(cookieFound == 1)
// get the counter value as string
tempString = cookieCounter.getValue();
// convert it to a number
count = Integer.parseInt(tempString);
// increment it
// back to a string
tempString = Integer.toString(count);
// store it in the cookie for future use
// set some other attributes
// send cookie to client
// if not found
// create a new cookie with counter 0
Cookie alpha = null;
alpha = new Cookie("counter", "0");
// display appropriate message
if (count > 0)
out.println("You have visited this page " + count + " time(s)! Don't you
have anything else to do, you bum?! ");
Sure, it looks a little complicated - but it won't once we break it downfor you.
The first thing you need to know is how to create a cookie on the client -this is accomplished with the following code:
The first two lines create a new instance of a Cookie object - "alpha". Thecookie variable "counter" is then initialized and set to the string "0".Next, the setMaxAge() and setPath() methods of the Cookie object are usedto set the expiry date (in seconds) and the cookie's availability,respectively. Finally, a call to the Response object's addCookie() methodtakes care of actually transmitting the cookie to the client.
As already mentioned, the only attribute which is not optional is theNAME=VALUE pair. If you'd like your cookie to remain available even afterthe user closes the browser, you should explicitly set an expiry date; ifnot, the cookie will be destroyed once the browser is closed.
The Cookie object also comes with a couple of other interesting methods.
setValue(someString) - sets the value of the cookie to someString
getValue() - returns the current value of the cookie
setPath(someURL) - sets the PATH attribute of a cookie to someURL
getPath() - returns the current value of the PATH attribute
setMaxAge(someSeconds) - sets the EXPIRES attribute of the cookie, inseconds
getMaxAge() - returns the current value of the EXPIRES attribute
setDomain(someURL) - sets the DOMAIN attribute of the cookie
getDomain() - returns the current value of the DOMAIN attribute
setSecure(flag) - sets the SECURE attribute of the cookie as either true orfalse
getSecure() - returns the current value of the SECURE attribute
Note that you can only save string values in a cookie with setValue() -which entails a lot of string-to-number-to-string conversions if youactually want to store a number (as in this example).