Java – (Thread Local) Servlet Cookie Filter
by Kristian Kraljic, December 28, 2015
Sadly but true, it seems that I’m keeping my “one post a year”-momentum up… Oh, No… Not Again! I’m going to challenge myself and pull off a little year-end coding marathon! I’m having a lot of helpfull stuff in my quiver. It’s on, I’m going to release *one* post consecutively for the next six days! Including this one, that’ll make four posts in 2015 and already two post in 2016! So… “LET’S DO THIS!”
Let’s start with a thread local servlet cookie filter implementation. Handling user-based cookies on a server-side servlet application really proves difficult in Java. Cookies (at least for all standard protocol handler implementations) are handled by one central CookieHandler object, which can be set and retrieved using the CookieHandler‘s setDefault and getDefault methods. As this cookie handler is used system-wide, each process shares the same cookies for any given URL. For servlets handling cookies, this becomes a problem sooner or later, e.g. if the servlet is dealing with user-specific logins, or similar.