I have been coding a React Native app for my Spring Boot backend server. I use basic form login, which requires jsessionid to be sent from the client to be authenticated.

This was my implementation:

const response = await axios.get('http://MYCOMPUTER_IP_ADDRESS/getAllNotes', {
          headers: { "Cookie": `JSESSIONID=${jsessionid}` },
          //withCredentials: true, Adding or removing withCredentials had absolutely no effect
        });

My Spring Boot api backend, where I added logging to understand why my certain requests are not authenticated.

@GetMapping("/getAllNotes")
    public ResponseEntity<?> getAllNotes(HttpServletRequest request) {
        System.out.println("Request Headers:");
        request.getHeaderNames().asIterator().forEachRemaining(headerName -> {
            System.out.println(headerName + ": " + request.getHeader(headerName));
        });

        // Log cookies
        System.out.println("Request Cookies:");
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                System.out.println(cookie.getName() + ": " + cookie.getValue());
            }
        } else {
            System.out.println("No cookies found");
        }
        //Website logic here, irrelevant to the problem

}

The server returns these logs when I attempt to send an authenticated request (by that I mean I have already logged in successfully, and received by jsessionid, so it is not null on my react native side).

Request Headers:
host: MYCOMPUTER's IP ADDRESS
accept: application/json, text/plain, */*
cookie: JSESSIONID=D3EDC078300B55107E58D48F276294AA,JSESSIONID=D3EDC078300B55107E58D48F276294AA
user-agent: Expo/1017616 CFNetwork/1496.0.7 Darwin/23.5.0
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate
connection: keep-alive
Request Cookies:
No cookies found

So, the cookie header was present, yet it is not recognized as a cookie itself.

I tried fixing the issue, and the problem was somewhat solved when I just simply stopped including the cookie header. And it worked, since as it turns out, the axios automatically handles cookies. Although this was not useful to me, because I wanted to handle cookies myself, because I needed to update them whenever I wanted, and not just when axios decides to.

So, I decided to set this property to debug this: axios.defaults.headers.common[‘Cookie’] = ”;

That way, no Cookies were sent or cookie headers were sent. My initial hypothesis was that if I only have one jsessionid example in the cookie header, then it might solve the problem, so after setting default cookie header to ”, and then adding my own header as I did in my initial code, it did not work, despite only one instance of jsessionid being present in my cookie header:

Request Headers:
host: MYCOMPUTER'S_IP
accept: application/json, text/plain, */*
cookie: JSESSIONID=E5AE2FA8384BEB86ADABF9C932D02C1C,  P.S. the problem isn't in lower case, I checked
user-agent: Expo/1017616 CFNetwork/1496.0.7 Darwin/23.5.0
accept-language: en-US,en;q=0.9
accept-encoding: gzip, deflate
connection: keep-alive
Request Cookies:
No cookies found

So, I just don’t know what to do. Spring boot just does not recognize cookies as such.