re: Spring Security with JWT VIEW POST

FULL DISCUSSION
 

I still see set-cookie in response. And each time request /api/private, it will create a new JSESSIONID


set-cookie: JSESSIONID=...; Path=/; HttpOnly

 

It should not create JSESSIONID cookie. Do you have a git repository with your code? We can check it together :)

code of conduct - report abuse