Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
New Developer
hendrikrichert
Posts: 4
Registered: ‎06-02-2009
My Device: Not Specified

Best practices on cookie handling for java applications

Hi everyone!

 

I'm new to BlackBerry development and I am supposed to write an application that will interact with a JSON API of a given webservice.

Ive imported the JSON.ME package and it works great. But for authorization I'm not sure which way to go.

How is cookie handling "normaly" done on a BlackBerry device? I know the MDS Service takes care of cookies by default. But what about the Internet Service? If you have a BlackBerry device, does it matter which of the internet/mds services you have to get cookies handled by the server? I kind of need the big picture, and i cant seem to figure it out!

 

So in short: Can I rely on cookies being handled by all the different kinds of blackberry service solutions out there, or do I have to implement cookie handling myself for the application, in order to support devices that are not connected to a MDS service?

 

Thanks in advance,

 

Hendrik

BlackBerry Development Advisor
MSohm
Posts: 14,753
Registered: ‎07-09-2008
My Device: BlackBerry Passport

Re: Best practices on cookie handling for java applications

The application should handle the authentication and cookie storage itself.  The Mobile Data System of a BlackBerry Enterprise Server can handle cookies for the BlackBerry Browser, however this does not apply to third party applications. 
Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Problem solved? Click the Accept As Solution button.
Found a bug? Report it using Issue Tracker
New Developer
hendrikrichert
Posts: 4
Registered: ‎06-02-2009
My Device: Not Specified

Re: Best practices on cookie handling for java applications

Thanks for the reply!

 

I think I mixed up cookie with JSESSION. My API uses JSESSIONIDs sent by set-cookie header flag after logins to find out about the auth status of a user. And while testing the MDS-CS Simulator kept filtering out those replies and handled the session. If we are going to use the MDS-CS (BES) in our environment, will this work the same way? Or is it advised to set the simulator to not handle cookies and implement all that in the application?

 

Thanks,

 

Hendrik

New Developer
New Developer
rzr
Posts: 151
Registered: ‎01-05-2010
My Device: dev alpha c (bb10)

Re: Best practices on cookie handling for java applications

This is unclear what MDS has to do with raw http querries ...

https://secure.wikimedia.org/wikipedia/en/wiki/BlackBerry_Enterprise_Server

 

If is it bypassed on simulator what is it needed to use cookies on the real devices in midlets or cod ?

 

Last question is there some API to delete a cookie or can it workarounded by setting cookie to empty string  ?

 

regards

 

Developer
RexDoug
Posts: 4,764
Registered: ‎07-21-2008
My Device: Not Specified

Re: Best practices on cookie handling for java applications

Didn't I already answer this question for you?  Maybe I just don't understand what you are trying to accomplish.

 

BES and BIS mange the state for you - you don't have to manage it.

 

If you run MDS on the simulator, this emulates a BES connection, so you will not see the cookies.

 

If you do some type of direct connection, then you manage the state by collecting the Set-Cookie data (set by the host once you authenticate), and returning it in the Cookie header.

 

This is well-covered ground on the forum, I believe. It is also documented in the HTTP State Management specification, which you can find with Google.