On May 8, 2009, at 10:23 PM, Peter Coppens wrote:
>
> Well...I stepped through the both the working and the failing case.
>
> What seems to happen is that there is a spring security filter
> (HttpSessionContextIntegrationFilter) which attempts to create a
> session
> after the resource has been invoked. When the (Jersey) resource
> returns a
> response that fails with an exception
>
> java.lang.IllegalStateException: Cannot create a session after the
> response has been committed
>
> which is - I think - the cause that the JSESSION cookie is not
> returned.
>
> Not sure why Jersey is committing the response.
I am guessing because Jersey is returning a response entity. Jersey is
not doing anything special, just setting the status, the headers and
writing one or more bytes to the servlet output stream.
> It does look like that makes
> it difficult for filters higher up the chain to do much useful stuff
> with
> the returned response.
>
My guess is this is a limitation in the response filter because it is
not buffering the response written by the servlet.
Paul.
> Anyone any thoughts?
>
> Thanks,
>
> Peter
> --
> View this message in context: http://n2.nabble.com/JSESSION-cookie-not-returned-with-Spring-Jersey-integration-tp2845573p2847362.html
> Sent from the Jersey mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>