This is my interceptor: https://github.com/picketlink/picketlink-extensions/blob/master/core/src/main/java/org/picketlink/extensions/core/rest/interceptors/PostSignInCookieInterceptor.java

Now if I directly add the header set-cookie with the HTTPOnly suffixed,   will the ResponseBuilderImpl builder later properly handle it?


On 02/01/2013 08:37 AM, Bill Burke wrote:
response.getMetadata() is the headers.

On 2/1/2013 9:34 AM, Anil Saldhana wrote:

> NewCookie nc = new NewCookie(...);
> Response r = Response.ok().header("Set-Cookie", nc.toString()
> +";HttpOnly").build();
>
> How do we get something like this done with ServerResponse RESTEasy class?
>
> On 01/31/2013 06:19 PM, Bill Burke wrote:

>> Thanks.  I submitted a bug at JAX-RS 2.0 spec for this.
>>
>> On 1/31/2013 12:22 PM, Anil Saldhana wrote:

>>> Hi Bill,
>>>       I was wondering how RESTEasy deals with HTTP Only Cookies.
>>>
>>> I do see https://issues.jboss.org/browse/RESTEASY-479
>>>
>>> Regards,
>>> Anil

> _______________________________________________
> security-dev mailing list
> security-dev@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
security-dev mailing list
security-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev