CODEWITHSUNDEEP
javaspringspring-bootspring-securitywildfly
DevWithSigns
DevWithSigns

Reputation: 725

Modify JSESSIONID cookie in request headers

I'm using Spring Security with Spring Boot and i want to modify JSESSIONID cookie name and value. I searched over internet but couldn't find any appropriate solution. I'm using Wildfly server. I'm a newbie with spring framework.

RequestFilter.java

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class RequestFilter implements Filter {

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
        HttpServletResponse response = (HttpServletResponse) res;
        HttpServletRequest request = (HttpServletRequest) req;

//        Cookie[] cookies = request.getCookies();
//        for (Cookie cookie : cookies) {
//            cookie.setMaxAge(0);
//            cookie.setValue(null);
//            cookie.setPath("/");
//            response.addCookie(cookie);
//        }
        response.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
        response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Set-Cookie", null);
        response.setHeader("X-Powered-By", null);
        response.setHeader("Server", null);
        if (!(request.getMethod().equalsIgnoreCase("OPTIONS"))) {
            try {

                chain.doFilter(req, res);
            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            System.out.println("Pre-flight");
            response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers", "authorization, content-type," +
                    "access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");
            response.setStatus(HttpServletResponse.SC_OK);
        }

    }

    public void init(FilterConfig filterConfig) {
    }

    public void destroy() {
    }

}

Kindly suggest me the best way of renaming JSESSIONID cookie in spring security.

Upvotes: 0

Views: 4313

Answers (1)

Monzurul Shimul
Monzurul Shimul

Reputation: 8386

You can set a cookie name in application.properties file:

server.session.cookie.name = MYSESSIONID

Reference: https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html

Upvotes: 2

Related Questions