Apple WebObjects 3.5 User Manual

Page 127

Advertising
background image

State Storage Strategies

127

See

http://www.netscape.com/newsref/std/cookie_spec.html

for a complete description of

cookies.

To use cookies, all you need to do is set the application’s session storage
type in the application object’s initialization method:

//Java Application.java
public Application() {

super();
setSessionStore(

SessionStore.cookieSessionStoreWithDistributionDomain("",
false));

}

//WebScript Application.wos
- init {

[super init];
[self setSessionStore:

[WOSessionStore cookieSessionStoreWithDomain:@""
secure:NO]];

return self;

}

In this example, we set the domain to the empty string so that cookies that
this application sends to the user are valid for all domains. We also turn off
the requirement for a secure communications channel. Note that the cookie
store API doesn’t allow for a path argument. WebObjects automatically
restricts the path so that cookies that an application produces are valid only
within the application directory. For example, if you set the SessionStores
application to use a cookie session store, the client returns a cookie only if
the request URLs have this prefix:

/cgi-bin/WebObjects/Examples/SessionStores.woa/

As with storing state in the page, the cookie session-storage mechanism
uses archive objects that should be stored. WebObjects packages the
session state by archiving the session object (and all the component objects
that it contains) into an NSData (next.util.ImmutableBytes) object. The

domain

The Internet domain name for which the cookie is valid. If, for example, the specified
domain is

apple.com

for a given cookie, that cookie is returned along with a request to any

host whose domain ends in

apple.com

(for example,

www.apple.com

)—assuming the

URL is within the directories specified by

path

.

path

The directories within a given domain for which this cookie is valid. If, for example, a cookie
has a domain of

www.apple.com

and a path of

/devDoc

, the client returns the cookie to

the server for any request that begins with

http://www.apple.com/devDoc...

secure

Specifies that the cookie can be passed only using a secure communications channel, such
as SHTTP.

Field

Description

Advertising
Popular Brands
Popular manuals