on 01-14-2009 4:00 PM
I've a page with some flow logic in the OnInitialization event. At the end of the flow logic I have
request->get_cookies( CHANGING cookies = lt_cookies ).
request->delete_cookie( 'Mycookie' ).
request->get_cookies( CHANGING cookies = lt_cookies ).
CALL METHOD navigation->response_complete.
I test the page from SE80. Through debug, I can see that lt_cookies (after the second get_cookies) no longer has the cookie "Mycookie".
I then run the test again. At the start of my flow logic, I've got
request->get_cookies( CHANGING cookies = lt_cookies ).
In debug, I look at lt_cookies - and "Mycookie" is listed again!
The whole process is
IF cookie has a value. " Second time page is called
Do stuff with the cookie value.
Delete cookie.
ELSE. " First time page is called
Do some other stuff.
Set the cookie.
ENDIF.
So I really do need to delete it.
matt
Hi Matt,
I just had a quick play with this and I can see your problem.
Perhaps you should use the Mycookie attribute as a flag rather than try and delete it?
Something like..
IF cookie EQ abap_true. " Second time page is called
Do stuff with the cookie value.
Set the cookie to abap_false.
ELSE. " First time page is called
Do some other stuff.
Set the cookie to abap_true.
ENDIF.
Cheers
Graham Robbo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Matt,
sorry this has taken a while. I have been trying to get on a system and for many reasons quite unbelievably I haven't been able to.
Anyway, I have done some research (and reread your code) and this is what I believe you need to do. Most of this info came from [Advanced BSP Programming|http://www.sap-press.com/product.cfm?account=&product=H1903] by Brian McKellar and Thomas Jung.
Firstly, because your cookie is created on the server and then sent to the browser the correct call for setting it is
response->set_cookie
rather than
request->set_cookie
as it needs to be set on the HTTP response.
This leads me to assume that the call
response->delete_cookie
is used to delete a cookie that has been created in the response object before the response is dispatched back to the browser. If I had system access I could try and test this.
You can't delete a client-side cookie from the server because it is actually stored on the browser. There is a call
response->delete_cookie_at_client
that sets the expiry date of the cookie to Jan 1st 1980 so that the browser will see the cookie as stale and drop it. I would try this first to see if it works.
Finally, if you are actually talking about the SAP SSO cookie itself, there is a function module called 'HTTP_DELETE_SSO2_COOKIE' that I have used in the past to achieve this.
Cheers
Graham Robbo
Hi Matt,
I just did a test on a ECC6.0 SP14 system and it seemed to me that it was working correctly.
I created a simple, and stateless, BSP page with just the following Layout
<%@page language="abap" %>
<%@extension name="htmlb" prefix="htmlb" %>
<%
data: lt_req_cookies type TIHTTPCKI,
lt_res_cookies type TIHTTPCKI,
lv_uzeit type string.
lv_uzeit = sy-uzeit.
request->get_cookies( CHANGING cookies = lt_req_cookies ).
response->set_cookie( name = 'MyTestCookie' value = lv_uzeit ).
"response->delete_cookie_at_client( 'MyTestCookie' ).
response->get_cookies( CHANGING cookies = lt_res_cookies ).
%>
<htmlb:content design="design2003" >
<htmlb:page title=" " >
<htmlb:form>
<htmlb:tableView id = "reqcookies"
table = "<%= lt_req_cookies %>"
headerText = "Request Cookies"
headerVisible = "TRUE" />
<hr />
<htmlb:tableView id = "rescookies"
table = "<%= lt_res_cookies %>"
headerText = "Response Cookies"
headerVisible = "TRUE" />
</htmlb:form>
</htmlb:page>
</htmlb:content>
This displays the cookies from the HTTP request (what has come from the browser), sets the MyTestCookie cookie in the HTTP response, and then displays the cookies from the HTTP response (what is going back to the browser).
The first time I execute the BSP I just see a couple of SAP specific cookies in the request called sap-usercontext and sap-appcontext which I will ignore from now on.
In the response cookies I see the MyTestCookie set to the current time as expected.
If I then refresh the browser page to call the BSP again, I see the HTTP request contains the MyTestCookie with the value that was specified in the first request. In the HTTP response I see the same cookie with the value of the current time. Again this is as expected.
Now I comment out the response->set_cookie call and uncomment the response->delete_cookie_at_client call. Now the code should look like this.
<%
data: lt_req_cookies type TIHTTPCKI,
lt_res_cookies type TIHTTPCKI,
lr_cookie type ref to ihttpcki,
lv_uzeit type string.
lv_uzeit = sy-uzeit.
request->get_cookies( CHANGING cookies = lt_req_cookies ).
"response->set_cookie( name = 'MyTestCookie' value = lv_uzeit ).
response->delete_cookie_at_client( 'MyTestCookie' ).
response->get_cookies( CHANGING cookies = lt_res_cookies ).
%>
Now if I refresh the page again to call the BSP application I can see that the MyTestCookie cookie is still passed in the HTTP request with the value that was passed in the previous response. In the HTTP response I see the MyTestCookie has a value of 0 and an expiry of Tue, 01-Jan-1980 00:00:01 GMT.
So the browser should now have received the cookie, seen that it has expired and discard it.
Now if I hit refresh again I see that the HTTP request object no longer contains the MyTestCookie cookie. Again this is as I would expect it to work.
The system I am testing on has SSO enabled, but I don't think that should change the handling of the cookies in any way.
Perhaps you can try this same test on your system to try and diagnose your problem?
Cheers
Graham Robbo
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.