spring + angular + session cookies

Question

I am developing an application with a springboot backend and an angular frontend.

Both will be deployed under the same domain. So I will use cookies to maintain the session.

But for development the spring services backend is on localhost:8080 and the angular app is on localhost:4200

I would like to be able to share the cookie on localhost for the different ports. How can I do this?

When I make a call to localhost:8080/api/service I can see in the response a Set-Cookie: JSESSIONID=A2DD58970CB3E8B9DD4F3BF1444D5E55; Path=/api; HttpOnly But on the next call the cookie is not sent.

I have decided to use cookies instead of sending a token in the header after reading this guide.

I don't have any strange configuration, but I understand that it must be due to a security problem. how can I disable this security control for development? What do you do in such cases?

score 2 · Answer 1 · answered Sep 28 '22 at 02:47

2

I have managed to fix it

From angular side using this.http.get('http://...', { withCredentials: true })

From spring side adding cors configuration with .allowCredentials(true)

answered Sep 28 '22 at 02:47

user60108

3,270
2
27
43

spring + angular + session cookies

1 Answers1