Announcement Announcement Module
No announcement yet.
Unable to set cookie after auethentication Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to set cookie after auethentication

    Hi guys.
    I'm working on a project with custom spring security implementation. One of the custom features is that during the authentication process we should set some internal session id cookie to the client (browser).

    I tried to add cookie in successfulAuthentication() at UsernamePasswordAuthenticationFilter and i tried to do it in my onAuthenticationSuccess() on SavedRequestAwareAuthenticationSuccessHandler.

    When i inspect response object (in debbuger) immediately after response.addCookie( new Cookie( "foo", "bar"));, I see that there is only JSESSIONID cookie set in cookies collection. I checked the response headers in Firebug too, and really, there is no "foo" cookie.

    Does spring security has some restrictions about setting cookies?

    We are using spring security 3.0.3 on Tomcat 6.0.