Came across something I never realised before with cookies (with Tomcat 6.x upgrade), we have some customer with ‘funny’ names with umlauts etc. in there name (The O in Ozkan should have one, but I never bothered with it living in England). This caused our code to go into some silly login in loop. Seems it is/was a contentious issue quite recently:
https://issues.apache.org/bugzilla/show_bug.cgi?id=44679
Answer : Encode to Base64 or catch the Exception and ignore it , Tough cookie to anyone with a funny name 
2010-08-11 10:23:07.627 – doGet
java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value
at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:396)
at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:389)
at org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java:293)
at org.apache.catalina.connector.Response.addCookieInternal(Response.java:1010)
java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value
at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:396)
at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:389)
at org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java:293)
at org.apache.catalina.connector.Response.addCookieInternal(Response.java:1010)