Steve, the authentication app's plugin wasnt created by me, its only stored on TomCat to be used by my Java app. This plugin runs together with another app server, which completes the authentication process. After this process is completed ok, a cookie is created. So, when the user asks for logout, the plugin tries to delete the cookie, probably setting 0 to max age. If i work with OC4J, this steps runs fine and the user becomes abled to make another login request on the same browser instance, without needing to close it. But, if i work with TomCat, i need to close the browser instance and open another one to be sucessful. Needing help still. Regards, Euclides.
-----Mensagem original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Enviada em: sexta-feira, 1 de agosto de 2003 10:11 Para: 'Tomcat Users List' Assunto: Re: RES: Cookie problem max age problem - Best practice to solve it srevilak> Setting the max age of a cookie to zero is the proper way to srevilak> delete a cookie. When doing the deletion, are you sure that srevilak> the name, domain, and path values are identical to the ones srevilak> used when the cookie was initially set? jose> Thanks for your attention! The question stays alive because this jose> plugin runs fine on OC4J(Oracle) environment, but its always a jose> failure on Tomcat env. Any other help would be appreciated. jose> Euclides. It's perfectly okay for a cookie to be set by one application, then removed by another. What are the values used for domain, path, and name when the cookie is set? Most useragents provide a way to have the user prompted for each cookie. That would be a helpful thing to do in this case. What are the values used for domain, path, and name when the cookie is deleted? While domain and path are set when sending a cookie, the client only sends back the name and value pair (domain and path are used by the client in determining what cookies to send). As a result, something like this won't work deleteCookie.setDomain(cookieFromClient.getDomain()); hth. -- Steve --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
