I have encountered an issue while attempting to pass a cookie for subsequent AJAX requests to my Spring MVC controller.
For example, I have an /login
endpoint where I send JSON via POST method to set a cookie. After setting the cookie, I can see it in Firebug:
The cookie is being created like this:
NewCookie cookie = new NewCookie(new Cookie(SECURITY_TICKET, encodedTicket, configKey, null), null, (int) TimeUnit.MINUTES.toSeconds(expireTime), expireTimeDate, false, false)
And then added to the HTTP headers:
httpHeaders.add(HttpHeaders.SET_COOKIE, cookie.toString());
These headers are then included in the ResponseEntity like so:
ResponseEntity entity = new ResponseEntity<>(this.entity, this.httpHeaders, this.status)
This response entity is returned as my controller's methods are all REST based.
However, when trying to access another (/search
) endpoint post successful login, which requires the cookie, the request fails as the cookie is not being passed back.
My AJAX calls are structured like this:
$(function () {
$.ajax({
url: 'http://localhost:8080/dev-citigroup-citi/login',
type: 'POST',
dataType: 'json',
data: '{ "username": "client1", "password": "*******", "platform": "iOS", "UUID": "321321321", "application": "CitiReach", "applicationVersion": "1.0" }',
success: function (data, status, xhr) {
$.ajax({
url: 'http://localhost:8080/dev-citigroup-citi/search/eventattendee?q=*:*&start=0&rows=1&wt=json&indent=true',
type: 'GET',
xhrFields: { withCredentials:true },
success: function (data, status, xhr) {
console.log(data);
},
error: function (jqXHR) {
console.log(jqXHR);
}
});
},
error: function (jqXHR) {
console.log(jqXHR);
}
});
});
Although the /login
call works fine, the other one fails. Despite adding
xhrFields: { withCredentials:true }
, the cookie does not seem to be included in the /search
request.
I have also correctly configured CORS:
Access-Control-Allow-Origin: http://localhost:63342
Access-Control-Allow-Credentials: true
http://localhost:63342
is the specified origin for the CORS headers.
Any insights on what might be the issue here?