curl -3 -v --cookie-jar newcookies.txt -H "Accept: application/json" -H "Content-type: application/json" -X POST https://todo-aerogear.rhcloud.com/todo-server/auth/login -d '{"username":"john","password":"123"}'

< HTTP/1.1 200 OK
< Date: Fri, 12 Apr 2013 15:09:53 GMT
< Server: Apache-Coyote/1.1
< Auth-Token: 6f5b8b84-f872-428d-8ee0-a516610d30e4
< Content-Type: application/json;charset=UTF-8
< Content-Length: 46
* Added cookie JSESSIONID="AWxvYeSr0nin0AE+XdotWsQd" for domain todo-aerogear.rhcloud.com, path /todo-server, expire 0
< Set-Cookie: JSESSIONID=AWxvYeSr0nin0AE+XdotWsQd; Path=/todo-server
< Vary: Accept-Encoding
< 
* Connection #0 to host todo-aerogear.rhcloud.com left intact
{"username":"john","roles":["admin","simple"]}* Closing connection #0

curl -3 -v --cookie newcookies.txt -H "Accept: application/json" -H "Content-type: application/json" --header "Auth-Token: I_AM_WRONG" -X GET https://todo-aerogear.rhcloud.com/todo-server/tags

> GET /todo-server/tags HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: todo-aerogear.rhcloud.com
> Cookie: JSESSIONID=AWxvYeSr0nin0AE+XdotWsQd
> Accept: application/json
> Content-type: application/json
> Auth-Token: I_AM_WRONG
> 
< HTTP/1.1 200 OK
< Date: Fri, 12 Apr 2013 15:10:03 GMT
< Server: Apache-Coyote/1.1
< Content-Type: application/json;charset=UTF-8
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< 
* Connection #0 to host todo-aerogear.rhcloud.com left intact
[{"id":1,"title":"asdf","style":"tag-79-33-196","tasks":[1]},{"id":2,"title":"dadasdasdas","style":"tag-255-255-255","tasks":[]}]* Closing connection #0
* SSLv3, TLS alert, Client hello (1):