Class CookieProcessorFilter

  • All Implemented Interfaces:

    public class CookieProcessorFilter
    extends java.lang.Object
    implements javax.servlet.Filter
    Centralized configuration of cookie attributes (i.e. HttpOnly, Secure, SameSite). Note that SameSite attribute is currently limited to application cookies only - we cannot currently configure SameSite for the JSESSIONID cookie because it is not currently supported by the Servlet API. To enable this filter, add (if not already) the following <filter> declaration to WEB-INF/web.xml:
     <web-app ...>
        <!-- Global settings -->
          <!-- UNSET, STRICT, LAX, NONE -->
        <!-- Specific cookie settings - can override any of the global settings for specific cookies -->
    • Constructor Detail

      • CookieProcessorFilter

        public CookieProcessorFilter()
    • Method Detail

      • init

        public void init​(javax.servlet.FilterConfig config)
                  throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Filter
      • doFilter

        public void doFilter​(javax.servlet.ServletRequest request,
                             javax.servlet.ServletResponse response,
                             javax.servlet.FilterChain chain)
        Specified by:
        doFilter in interface javax.servlet.Filter
      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Filter
      • setCookieAttribute

        public static void setCookieAttribute​(java.lang.String cookieName,
                                              java.lang.String cookieAttribute,
                                              java.lang.String value)
        Configure cookie attributes. Setting value to Null or empty String will clear the setting.
        cookieName - name of the cookie. Null or empty String designates all cookies.
        cookieAttribute - Options: sameSite, httpOnly, secure
        value - httpOnly, secure options: true, false; sameSite options: UNSET, STRICT, LAX, NONE
      • resolve

        public static void resolve​(java.lang.String cookieName,
                                   CookieProcessorFilter.CookieHandler handler)
        Resolves desired cookie attribute values from global and cookie specific configuration settings.
        cookieName - Cookie to resolve. If null, then global settings are returned.
        handler - Callback handler to assist with setting cookie attribute values.
      • getInfo

        public static java.lang.String getInfo()