Two aspects of the <code>CookieManager</code> class can be customized, the 
<code>CookiePolicy</code> and the <code>CookieStore</code>.
</blockquote>
<h3>CookiePolicy</h3>
<blockquote>
For convenience, <code>CookiePolicy</code> defines the following pre-defined 
policies for accepting cookies: 
<ul><li>
<code>CookiePolicy.ACCEPT_ORIGINAL_SERVER</code> only accepts cookies from the original server.
</li><li>
<code>CookiePolicy.ACCEPT_ALL</code> accepts all cookies.
</li><li>
 <code>CookiePolicy.ACCEPT_NONE</code> accepts no cookies. 
</li</ul>
You can also define your own cookie policy 
by implementing the <code>shouldAccept</code> method of
<code>CookiePolicy</code>. You can then use this <code>CookiePolicy</code> 
by passing it to the multi-argument <code>CookieManager</code> 
constructor or by calling the <code>setCookiePolicy(cookiePolicy)</code> 
method to change an already existing cookie manager.
<p>
The following is an example of a cookie policy that rejects cookies from domains that are
on a blacklist, before applying the <code>CookiePolicy.ACCEPT_ORIGINAL_SERVER</code>
policy:

import java.net.*;

public class BlacklistCookiePolicy implements CookiePolicy
{
    String[] blacklist;

    public BlacklistCookiePolicy(String[] list) {
        blacklist = list;
    }

    public boolean shouldAccept(URI uri, HttpCookie cookie)  {
        String host;
        try {
            host =  InetAddress.getByName(uri.getHost()).getCanonicalHostName();
        } catch (UnknownHostException e) {
            host = uri.getHost();
        }

        for (int i=0; i&lt;blacklist.length; i++) {
	    if (HttpCookie.domainMatches(blacklist[i], host)) {
                return false;
            }
        }

        return CookiePolicy.ACCEPT_ORIGINAL_SERVER.shouldAccept(uri, cookie);
    }
}

When you create a <code>BlacklistCookiePolicy</code> instance, you pass it an
array of strings representing the domains that you do not want to accept
cookies from. Then, you set this <code>BlacklistCookiePolicy</code> instance as the 
cookie policy for your <code>CookieManager</code>.
For example:

String[] list = new String[] { ".bar.com" };
CookieManager cm = new CookieManager(null, new BlacklistCookiePolicy(list));
CookieHandler.setDefault(cm);

The sample code will not accept cookies from hosts such as the following:

foo.bar.com
goo.bar.com

However, this sample code will accept cookies from hosts such as the following:

y.com
bar.com
x.foo.bar.com

</blockquote>
<h3>CookieStore</h3>
<blockquote>
A <code>CookieStore</code> is an interface that represents a storage area for 
cookies. <code>CookieManager</code> adds the cookies to the <code>CookieStore</code>
for every HTTP response and retrieves cookies from the <code>CookieStore</code>
for every HTTP request.
<p>
You can implement this interface to provide your own <code>CookieStore</code>
and pass it to the <code>CookieManager</code> during creation. You cannot set the 
<code>CookieStore</code> after the <code>CookieManager</code> instance has been 
created. However, you can get a reference to the cookie store by calling 
<code>CookieManager.getCookieStore()</code>. Doing so can be useful as it enables
you to leverage the default in-memory <code>CookieStore</code> implementation
that is provided by Java SE and complement its functionality.
<p>
For example, you might want to create a persistent cookie store that would
save cookies so that they can be used even if the Java Virtual Machine
is restarted. Your implementation would work similar to the following: 
<OL>
<LI>Any cookies that were previously saved are read in.</LI>
<LI>During runtime, cookies are stored and retrieved from memory.</LI>
<LI>Cookies are written out to persistent storage before exiting.</LI>
</OL>
The following is an incomplete example of this cookie store. This example
shows you how to leverage the Java SE default in-memory cookie store
and how you might extend its functionality.

import java.net.*;
import java.util.*;

public class PersistentCookieStore 
   implements CookieStore, Runnable
{
    CookieStore store;

    public PersistentCookieStore() {
        // get the default in memory cookie store
        store = new CookieManager().getCookieStore();

        // todo: read in cookies from persistant storage
        // and add them store

        // add a shutdown hook to write out the in memory cookies
        Runtime.getRuntime().addShutdownHook(new Thread(this)); 
    }

    public void run() {
        // todo: write cookies in store to persistent storage
    }

    public void	add(URI uri, HttpCookie cookie) {
        store.add(uri, cookie);
    }

    public List&lt;HttpCookie&gt; get(URI uri) {
        return store.get(uri);
    }

    public List&lt;HttpCookie&gt; getCookies() {
        return store.getCookies();
    }
    
    public List&lt;URI&gt; getURIs() {
        return store.getURIs();
    }

    public boolean remove(URI uri, HttpCookie cookie) {
        return store.remove(uri, cookie);
    }

    public boolean removeAll()  {
        return store.removeAll();
    }
}