Hi have an spring boot application that in one service return a cookie with the following code:
public ResponseEntity<TokenDTO> login(@RequestBody CredentialsDTO credentials,HttpServletResponse response){
TokenWithSessionDTO tokenDTO = authServiceFacade.login( credentials );
if(credentials.getRememberMe() != null && credentials.getRememberMe() && tokenDTO.getSessionToken() != null) {
Cookie cookie = new Cookie( "gatestats-sessionId", tokenDTO.getSessionToken() );
cookie.setMaxAge( 7 * 24 * 60 * 60 ); // expires in 7 days
cookie.setPath( "/" );
//cookie.setSecure( true );
//cookie.setHttpOnly( true );
response.addCookie( cookie );
}
return ResponseEntity.ok().header( "withCredentials","true" ).body(tokenDTO.getToken());
}
I have commented just in case the httpOnly and the secure to see if this was the issue but it is not.
In the response in the browser I can perfectly see the header received
but then in the application tab I dont see it
I also tried just in case to see if it is received in the following request with the code of the authentication filter I have:
if(request.getCookies() != null && idTokenWithBearer == null) {
List<Cookie> persistentToken = List.of( request.getCookies() );
Cookie seesionCookie = persistentToken.stream().filter( cookie -> cookie.getName().equals( "gatestats-sessionId" ) )
.findAny().orElse( null );
But the getCookies method return null.
I am usisng as a front end an angular app and I have an interceptor with he “withCredentials: true”, you can see other requests here:
I also tried to change the cookie configuration with different domains as “localhost”, “localhost:4200”, “localhost:8080” and anything has work.
I am a bit new on cookies but as far as I know it should be shown in the application tab and then send automatically by the browser.
Thanks in advance for all your help and info.
Any additional information you want please add me a comment and I will update the question