{"id":398,"date":"2015-12-28T23:41:50","date_gmt":"2015-12-28T21:41:50","guid":{"rendered":"http:\/\/kra.lc\/blog\/?p=398"},"modified":"2015-12-30T15:06:46","modified_gmt":"2015-12-30T13:06:46","slug":"java-thread-local-servlet-cookie-filter","status":"publish","type":"post","link":"https:\/\/kra.lc\/blog\/2015\/12\/java-thread-local-servlet-cookie-filter\/","title":{"rendered":"Java &#8211; (Thread Local) Servlet Cookie Filter"},"content":{"rendered":"<p>Sadly but true, it seems that I&#8217;m keeping my <em>&#8220;one post a year&#8221;<\/em>-momentum up&#8230; <a href=\"http:\/\/tvtropes.org\/pmwiki\/pmwiki.php\/Main\/OhNoNotAgain\" target=\"_blank\"><strong>Oh, No&#8230; Not Again!<\/strong><\/a> I&#8217;m going to challenge myself and pull off a little year-end coding marathon! I&#8217;m having a lot of helpfull stuff in my quiver. It&#8217;s on, I&#8217;m going to release *one* post consecutively for the next six days! Including this one, that&#8217;ll make four posts in 2015 and already two post in 2016! So&#8230; <strong>&#8220;LET&#8217;S DO THIS!&#8221;<\/strong><\/p>\n<p>Let&#8217;s start with a thread local servlet cookie filter implementation. Handling user-based cookies on a server-side servlet application really proves difficult in Java. Cookies (at least for all standard protocol handler implementations) are handled by one central <code>CookieHandler<\/code> object, which can be set and retrieved using the <code>CookieHandler<\/code>&#8216;s <code>setDefault<\/code> and <code>getDefault<\/code> methods. As this cookie handler is used system-wide, each process shares the same cookies for any given URL. For servlets handling cookies, this becomes a problem sooner or later, e.g. if the servlet is dealing with user-specific logins, or similar.<\/p>\n<p><!--more--><\/p>\n<p>You can find a really simple solution for this problem on my new profile on <strong>GitHub<\/strong>:<\/p>\n<p><p><a href=\"https:\/\/github.com\/kristian\/cookie-filter\" target=\"_blank\" style=\"vertical-align:middle\"><strong>https:\/\/github.com\/kristian\/<\/strong><\/a> <small>(isn&#8217;t it cool that I got <code style=\"font-weight:bold\">kristian<\/code> to be my profile name on GitHub? <strong>*happy*<\/strong>)<\/small><\/p>\n<p>With the <strong>Java Servlet Cookie Filter<\/strong> user-based cookie handling becomes a piece of cake. When loading the classes, the <code>CookieFilter<\/code> class registers as a transparent (no data gets changed) filter implementation using the <code>@WebFilter<\/code> annotation. The filter first registers a new default <code>CookieHandler<\/code> which then dynamically intercepts each request and response. From now on each user gets access to a dedicated <code>CookieStore<\/code>. The store is purged as soon as the response is sent, so the next request going to the same thread will again receive a new <code>CookieStore<\/code>. This eliminates the risk of sharing any cookie information between threads or requests.<\/p>\n<p>So that was my first of fife posts this week. Hope you liked it. Expect more Java related stuff and some chit-chat in the next couple of days!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sadly but true, it seems that I&#8217;m keeping my &#8220;one post a year&#8221;-momentum up&#8230; Oh, No&#8230; Not Again! I&#8217;m going to challenge myself and pull off a little year-end coding marathon! I&#8217;m having a lot of helpfull stuff in my quiver. It&#8217;s on, I&#8217;m going to release *one* post consecutively for the next six days! [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[186,190,187,188,184,182,5,183,178,181,177,179,189,180,185],"class_list":["post-398","post","type-post","status-publish","format-standard","hentry","category-release","tag-cookie","tag-cookiefilter","tag-cookiehandler","tag-cookiestore","tag-filter","tag-j2ee","tag-java","tag-jee","tag-multi-thread","tag-servlet","tag-thread","tag-thread-local","tag-threadlocalcookiestore","tag-threadsafe","tag-webfilter"],"_links":{"self":[{"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/posts\/398","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/comments?post=398"}],"version-history":[{"count":38,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/posts\/398\/revisions"}],"predecessor-version":[{"id":447,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/posts\/398\/revisions\/447"}],"wp:attachment":[{"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/media?parent=398"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/categories?post=398"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kra.lc\/blog\/wp-json\/wp\/v2\/tags?post=398"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}