It doesn\'t seem that HttpServletResponse exposes any methods to do this.
Right now, I\'m adding a bunch of logging code to a crufty and ill-understood servlet, in
Your only approach is to wrap the HttpServletResponse object so that the addCookie methods can intercept and log when cookies are set. You can do this by adding a ServletFilter which wraps the existing HttpServletResponse before it is passed into your Servlet.
Cookies are sent to the client in the "Set-Cookie" response header. Try this:
private static void logResponseHeaders(HttpServletResponse httpServletResponse) {
Collection<String> headerNames = httpServletResponse.getHeaderNames();
for (String headerName : headerNames) {
if (headerName.equals("Set-Cookie")) {
log.info("Response header name={}, header value={}", headerName, httpServletResponse.getHeader(headerName));
}
}
}
If logging is all you're after, then I suggest writing an implemention of javax.servlet.Filter
which wraps the supplied HttpServletResponse
in a wrapper which allows you to expose the cookies after the filter executes. Something like this:
public class CookieLoggingFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException ,ServletException {
ResponseWrapper wrappedResponse = new ResponseWrapper((HttpServletResponse) response);
filterChain.doFilter(request, wrappedResponse);
// use a real logger here, naturally :)
System.out.println("Cookies: " + wrappedResponse.cookies);
}
private class ResponseWrapper extends HttpServletResponseWrapper {
private Collection<Cookie> cookies = new ArrayList<Cookie>();
public ResponseWrapper(HttpServletResponse response) {
super(response);
}
@Override
public void addCookie(Cookie cookie) {
super.addCookie(cookie);
cookies.add(cookie);
}
}
// other methods here
}
One big caveat: This will not show you what cookies are sent back to the browser, it will only show you which cookies the application code added to the response. If the container chooses to change, add to, or ignore those cookies (e.g. session cookies are handled by the container, not the application), you won't know using this approach. But that may not matter for your situation.
The only way to be sure is to use a browser plugin like Live Http Headers for Firefox, or a man-in-the-middle HTTP logging proxy.
I had the same problem where I was using a 3rd party library which accepts an HttpServletResponse and I needed to read back the cookies that it set on my response object. To solve that I created an HttpServletResponseWrapper extension which exposes these cookies for me after I make the call:
public class CookieAwareHttpServletResponse extends HttpServletResponseWrapper {
private List<Cookie> cookies = new ArrayList<Cookie>();
public CookieAwareHttpServletResponse (HttpServletResponse aResponse) {
super (aResponse);
}
@Override
public void addCookie (Cookie aCookie) {
cookies.add (aCookie);
super.addCookie(aCookie);
}
public List<Cookie> getCookies () {
return Collections.unmodifiableList (cookies);
}
}
And the way I use it:
// wrap the response object
CookieAwareHttpServletResponse response = new CookieAwareHttpServletResponse(aResponse);
// make the call to the 3rd party library
String order = orderService.getOrder (aRequest, response, String.class);
// get the list of cookies set
List<Cookie> cookies = response.getCookies();