0

I am trying to store a cookie after authentication, but can't figure out how to adapt the authenticateUser method to accept the right cookie.

@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response authenticateUser(@FormParam("username") String username, 
                                 @FormParam("password") String password) {
try {

    // Authenticate the user using the credentials provided
    authenticate(username, password);

    // Issue a token for the user
    _logger.log(Level.INFO, "----ABOUT TO LOG TOKEN TO WILDFLY");
    String token = issueToken(username,"http://example.com","userToken",msInHour); //returns JWT token
    _logger.log(Level.INFO, "----LOGGING TOKEN TO WILDFLY: ",token);
    //return Response.ok(token).build();
    //https://stackoverflow.com/questions/7231156/how-to-set-cookie-in-jersey
    return Response.ok(token)
       .cookie(new NewCookie(createCookie(token,username)))
       .build();



} catch (Exception e) {
    _logger.log(Level.INFO, "----ERROR in AuthService:",e);
    return Response.status(Response.Status.FORBIDDEN).build();
}      
}


private Cookie createCookie(String token,String uname){
    //https://stackoverflow.com/questions/8889679/how-to-create-a-cookie-and-add-to-http-response-from-inside-my-service-layer
    final Boolean useSecureCookie = true;
    final int expiryTime = 60 * 60 * 24;  // 24h in seconds
    final String cookiePath = "/";
Cookie cookie = new Cookie("example.com", uname+"_"+token);
cookie.setSecure(useSecureCookie);  // determines whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL
cookie.setMaxAge(expiryTime);  // A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.
cookie.setHttpOnly(true);
cookie.setPath(cookiePath);  // The cookie is visible to all the pages in the directory you specify, and all the pages in that directory's subdirectories
return cookie;
}

If I use these imports the Cookie doesnt like it (can't find setSecure):

import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;

How do I fix the cookie, or the authenticateUser method in this case?

Rilcon42
  • 9,584
  • 18
  • 83
  • 167

1 Answers1

0

If you're using the ResponseBuilder in JAX-RS, you need to use javax.ws.rs.core.NewCookie, which extends javax.ws.rs.core.Cookie.

http://docs.oracle.com/javaee/7/api/javax/ws/rs/core/NewCookie.html

ck1
  • 5,243
  • 1
  • 21
  • 25