How do you remove a Cookie in a Java Servlet

Dougnukem picture Dougnukem · May 21, 2009 · Viewed 210.3k times · Source

How do you remove a cookie in a Java servlet?

I tried this: http://www.jguru.com/faq/view.jsp?EID=42225

EDIT: The following now works successfully it appears to be the combination of:

response.setContentType("text/html");

and

cookie.setMaxAge(0);

Before I was doing:

//remove single signon cookie if it hasn't been validated yet
response.setContentType("text/html");
Cookie cookie = new Cookie(SSORealm.SSO_COOKIE_NAME, "");
cookie.setDomain(SSORealm.SSO_DOMAIN);
cookie.setMaxAge(-1);
cookie.setPath("/");
cookie.setComment("EXPIRING COOKIE at " + System.currentTimeMillis());
response.addCookie(cookie);

Which expires the cookie when the browser is closed as per the documentation.

A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.

The full working snippet to expire a cookie is:

//remove single signon cookie if it hasn't been validated yet
response.setContentType("text/html");
Cookie cookie = new Cookie(SSORealm.SSO_COOKIE_NAME, "");
cookie.setDomain(SSORealm.SSO_DOMAIN);
cookie.setMaxAge(0);
cookie.setPath("/");
cookie.setComment("EXPIRING COOKIE at " + System.currentTimeMillis());
response.addCookie(cookie);

Answer

cjs picture cjs · May 21, 2009

The MaxAge of -1 signals that you want the cookie to persist for the duration of the session. You want to set MaxAge to 0 instead.

From the API documentation:

A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.