loading...

Discussion on: Spring Security with JWT

Collapse
zero2lin profile image
Z

I still see set-cookie in response. And each time request /api/private, it will create a new JSESSIONID


set-cookie: JSESSIONID=...; Path=/; HttpOnly

Collapse
kubadlo profile image
Jakub Leško Author

It should not create JSESSIONID cookie. Do you have a git repository with your code? We can check it together :)