I am creating a custom authentication service in my spring mvc application:
    @Service
    public class AuthenticationServiceImpl implements AuthenticationService {

        @Autowired
        UserService userService;

        @Override
        public void login(String email, String password) {
            boolean isValid = userService.isValidLogin(email, password);
            if (isValid) {
                // ??? create a session cookie and add to http response
            }
        }
    }
How can I create and add the cookie to the response?
To add a new cookie, use HttpServletResponse.addCookie(Cookie). The Cookie is pretty much a key-value pair, taking a name and value as strings on construction.
To send cookies to the server, you need to add the "Cookie: name=value" header to your request. To send multiple Cookies in one cookie header, you can separate them with semicolons. In this Send Cookies example, we are sending HTTP cookies to the ReqBin echo URL.
To add cookies to a request for authentication, use the header object that is passed to the get/sendRequest functions. Only the cookie name and value should be set this way. The other pieces of the cookie (domain, path, and so on) are set automatically based on the URL the request is made against.
Just set the Set-Cookie header in the response from the server side code. The browser should save it automatically. As a developer, you may be able to inspect the value of the cookies using "Developer Tools". And the same cookie will be sent in subsequent requests to the same domain, until the cookie expires.
Following @Aravind's answer with more details
    @RequestMapping("/myPath.htm")
    public ModelAndView add(HttpServletRequest request, HttpServletResponse response) throws Exception {
        myServiceMethodSettingCookie(request, response); // Do service call passing the response
        return new ModelAndView("CustomerAddView");
    }

    // service method
    void myServiceMethodSettingCookie(HttpServletRequest request, HttpServletResponse response) {
        final String cookieName = "my_cool_cookie";
        final String cookieValue = "my cool value here !"; // you could assign it some encoded value
        final Boolean useSecureCookie = false;
        final int expiryTime = 60 * 60 * 24; // 24h in seconds
        final String cookiePath = "/";

        Cookie cookie = new Cookie(cookieName, cookieValue);

        // determines whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL
        cookie.setSecure(useSecureCookie);

        // A negative value means that the cookie is not stored persistently and will be deleted
        // when the Web browser exits. A zero value causes the cookie to be deleted.
        cookie.setMaxAge(expiryTime);

        // The cookie is visible to all the pages in the directory you specify,
        // and all the pages in that directory's subdirectories
        cookie.setPath(cookiePath);

        response.addCookie(cookie);
    }
Related docs:
http://docs.oracle.com/javaee/7/api/javax/servlet/http/Cookie.html
http://docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity.html
In Spring MVC you get the HttpServletResponse object by default.
    @RequestMapping("/myPath.htm")
    public ModelAndView add(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // Do service call passing the response
        return new ModelAndView("CustomerAddView");
    }

    // Service code
    Cookie myCookie = new Cookie("name", "val");
    response.addCookie(myCookie);
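For the session-cookie case in the question, the cookie should carry only an opaque random token and be marked HttpOnly, Secure and SameSite. The following is an added example, not code from the question or the answers above; it assumes Spring Framework 5.1 or later (for `ResponseCookie.sameSite`) and an HTTPS deployment, and the class name, cookie name and in-memory store are hypothetical.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import javax.servlet.http.HttpServletResponse;

import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseCookie;
import org.springframework.stereotype.Service;

@Service
public class SessionCookieIssuer { // hypothetical helper, not part of Spring

    private static final String COOKIE_NAME = "SESSION_TOKEN"; // hypothetical name
    private static final Duration LIFETIME = Duration.ofHours(24);

    private final SecureRandom random = new SecureRandom();
    // Stand-in for a real server-side session store (assumption): token -> user e-mail.
    // A production store must also expire entries after LIFETIME.
    private final Map<String, String> sessions = new ConcurrentHashMap<>();

    /** Call only after userService.isValidLogin(email, password) has returned true. */
    public void issue(String email, HttpServletResponse response) {
        // 256 bits from a CSPRNG; the cookie never contains credentials or user data.
        byte[] raw = new byte[32];
        random.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        sessions.put(token, email);

        ResponseCookie cookie = ResponseCookie.from(COOKIE_NAME, token)
                .httpOnly(true)   // not readable from page JavaScript
                .secure(true)     // only sent over HTTPS
                .sameSite("Lax")  // not attached to cross-site subrequests or POSTs
                .path("/")
                .maxAge(LIFETIME)
                .build();
        // javax.servlet.http.Cookie has no SameSite setter, so write the header directly.
        response.addHeader(HttpHeaders.SET_COOKIE, cookie.toString());
    }

    /** Returns the e-mail bound to the token, or null if the token is unknown. */
    public String resolve(String token) {
        return token == null ? null : sessions.get(token);
    }
}
```

The controller passes its `HttpServletResponse` to `issue(...)` in the same way the answers above pass it to their service methods.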