Clear the session/cache/cookie in the JavaFX WebView

Question

I had a Swing dialog, which uses JavaFX WebView to display oAuth 2.0 URL from Google server.

public class SimpleSwingBrowser extends JDialog {

    private final JFXPanel jfxPanel = new JFXPanel();
    private WebEngine engine;

    private final JPanel panel = new JPanel(new BorderLayout());

    public SimpleSwingBrowser() {
        super(MainFrame.getInstance(), JDialog.ModalityType.APPLICATION_MODAL);
        initComponents();
    }


    private void initComponents() {
        createScene();

        panel.add(jfxPanel, BorderLayout.CENTER);

        getContentPane().add(panel);

        java.awt.Dimension screenSize = java.awt.Toolkit.getDefaultToolkit().getScreenSize();
        setBounds((screenSize.width-460)/2, (screenSize.height-680)/2, 460, 680);
    }

    private void createScene() {

        Platform.runLater(new Runnable() {
            @Override 
            public void run() {

                final WebView view = new WebView();
                engine = view.getEngine();

                engine.titleProperty().addListener(new ChangeListener<String>() {
                    @Override
                    public void changed(ObservableValue<? extends String> observable, String oldValue, final String newValue) {
                        SwingUtilities.invokeLater(new Runnable() {
                            @Override 
                            public void run() {
                                SimpleSwingBrowser.this.setTitle(newValue);
                            }
                        });
                    }
                });

                engine.getLoadWorker()
                        .exceptionProperty()
                        .addListener(new ChangeListener<Throwable>() {

                            public void changed(ObservableValue<? extends Throwable> o, Throwable old, final Throwable value) {
                                if (engine.getLoadWorker().getState() == FAILED) {
                                    SwingUtilities.invokeLater(new Runnable() {
                                        @Override public void run() {
                                            JOptionPane.showMessageDialog(
                                                    panel,
                                                    (value != null) ?
                                                    engine.getLocation() + "\n" + value.getMessage() :
                                                    engine.getLocation() + "\nUnexpected error.",
                                                    "Loading error...",
                                                    JOptionPane.ERROR_MESSAGE);
                                        }
                                    });
                                }
                            }
                        });

                // http://stackoverflow.com/questions/11206942/how-to-hide-scrollbars-in-the-javafx-webview
                // hide webview scrollbars whenever they appear.
                view.getChildrenUnmodifiable().addListener(new ListChangeListener<Node>() {
                    @Override 
                    public void onChanged(Change<? extends Node> change) {
                        Set<Node> deadSeaScrolls = view.lookupAll(".scroll-bar");
                        for (Node scroll : deadSeaScrolls) {
                            scroll.setVisible(false);
                        }
                    }
                });

                jfxPanel.setScene(new Scene(view));
            }
        });
    }

    public void loadURL(final String url) {
        Platform.runLater(new Runnable() {
            @Override 
            public void run() {
                String tmp = toURL(url);

                if (tmp == null) {
                    tmp = toURL("http://" + url);
                }

                engine.load(tmp);
            }
        });
    }

    private static String toURL(String str) {
        try {
            return new URL(str).toExternalForm();
        } catch (MalformedURLException exception) {
                return null;
        }
    }
}

Everytime, I will get the following URL from Google. I will use the SimpleSwingBrowser to load the following URL.

https://accounts.google.com/o/oauth2/auth?client_id=xxx&redirect_uri=http://localhost:55780/Callback&response_type=code&scope=email%20https://www.googleapis.com/auth/drive.appdata%20profile

During the first time, the following UI will be shown.

Screen One

enter image description here

Screen Two

enter image description here

After I

Perform success login at Screen One.
Presented with Screen Two.
Click on Accept.
Close the web browser dialog.
Again, generate the exact same URL as first time.
Create a completely new instance of SimpleSwingBrowser, to load URL generated at step

I expect Google will show me Screen One again, as this is a new browsing session. However, what I'm getting for the 2nd time, is Screen Two.

It seems that, there are some stored session/cache/cookie in the WebView, even though it is a completely new instance.

I expect I will get myself back to Screen One, so that I can support multiple user accounts.

How can I clear the session/cache/cookie in the WebView?

See related [Setting a cookie using JavaFX's WebEngine/WebView](http://stackoverflow.com/questions/14385233/setting-a-cookie-using-javafxs-webengine-webview). It's not exactly the same as your question, but perhaps it gives you a directional approach from which you can derive an answer. — jewelsea, May 01 '14 at 17:33
Thanks. After reading the question, I still cannot find a way to clear off all the cookie. — Cheok Yan Cheng, May 03 '14 at 18:53
It uses an in memory cache. You clear it by closing the Application. Maybe instead of a dialog, spawn a new app that you can close. — brian, May 03 '14 at 20:37

SimY4 · Accepted Answer · 2014-05-05T11:41:14.933

21

Session cookies for JavaFX WebView are stored in java.net.CookieHandler.

To manage cookies on your own create new instance of java.net.CookieManager:

java.net.CookieManager manager = new java.net.CookieManager();

Then set it as default:

java.net.CookieHandler.setDefault(manager);

To clear cookies just call removeAll method:

manager.getCookieStore().removeAll();

or just create new instance of cookie manager and set it as default:

java.net.CookieHandler.setDefault(new java.net.CookieManager());

edited May 05 '14 at 11:41

answered May 05 '14 at 11:06

SimY4

6,659
1
37
46

I have been breaking my head with this all day. Thank you very much!! – luanjot May 05 '14 at 13:58
1

Technically you are incorrect. By default they are stored in com.sun.webpane.webkit.network.CookieHandler , which has has a private final com.sun.webpane.webkit.network.CookieStore. – user3224416 Apr 19 '15 at 16:55
2

These classes implement wrong standard. There appears to be no public API for the new one. See here https://stackoverflow.com/a/14519837/478765 – ed22 Feb 09 '18 at 16:06
Any solutions for Java 9? – GOXR3PLUS Mar 11 '18 at 18:18
1

Please note that, this answer is broken as explained in https://stackoverflow.com/a/14519837/72437 (Do not waste your time trying to use java.net.CookieManager, and java.net.CookieStore. They are likely to cause problems with many sites because they implement the wrong standard.) – Cheok Yan Cheng Dec 24 '19 at 09:02

gfkri · Answer 2 · 2015-02-25T09:53:07.180

10

I used JavaFX 8 WebView to display OAuth 2.0 from Google as well as from Dropbox. Turned out setting a new instance of java.net.CookieManager() as default worked with Google (and of course removed the session cookies), but I wasn't able to sign in with my Dropbox account anymore. The "Sing in" button just did not work.

I debugged and found out that per default an instance of com.sun.webkit.network.CookieManager is used. So, I used

java.net.CookieHandler.setDefault(new com.sun.webkit.network.CookieManager());

which solved my problem. Due to its javadoc it's RFC 6265-compliant, which is the current definition of HTTP Cookies and Set-Cookie header fields.

You need to use the JDK (not just the JRE) as your project's system library due to some access restrictions in the JRE.

edited Feb 25 '15 at 09:53

answered Jul 28 '14 at 14:33

gfkri

2,041
20
23

This needs to be upvoted. Spent hours debugging only to discover java.net.CookieManager() was not sending cookies in the request. Using com.sun.webkit.network.CookieManager() fixed everything. – dejuknow Jun 21 '17 at 18:06
Do you still use this to sign in to Google with OAuth2? It does not seem to work any more. A few days ago it still worked but now I get an error saying that my browser (webview) does not support Cookies. Have you found a solution for this? – Dominique Sep 07 '17 at 18:30
I am sorry, I didn't use it in the last time. – gfkri Sep 08 '17 at 14:06
4

Be careful using this is a restricted API `com.sun.webkit.network.CookieManager()`, maybe it is completely removed in Java 9 `Access restriction: The type 'CookieManager' is not API (restriction on required library 'C:\Program Files\Java\jdk1.8.0_151\jre\lib\ext\jfxrt.jar')` – GOXR3PLUS Nov 21 '17 at 12:33
Great but this is private API. Apparently there is no public one though. https://stackoverflow.com/a/14519837/478765 – ed22 Feb 09 '18 at 16:07
Any solutions for Java 9 ? – GOXR3PLUS Mar 11 '18 at 18:18

Clear the session/cache/cookie in the JavaFX WebView

Screen One

Screen Two

2 Answers2

Linked