Theres a typo on the answer.
Note that a browser has no knowledge about the existence of a servlet at the bank end. It cannot make a distinction between a servlet path and a context path. But you know that a servlet always listens under a context and therefore, while setting a cooking, you must include the context path if you want to restrict the browser to send the cookie only to a particular servlet. If you set the cookie's path to "/showbook", the cookie will be sent back with all the requests to "<hostname>/showbook". If your web app is named library and if you have another web application named showbook, then the cookie will be sent to the web app named "showbook" and not to the webapp named "library". So you should set the cookie's path to "/library/showbook". Since the web app name is outside the control of the web developer, you should use request.getContextPath() to get that name.