Thanks Andrej, for your updates.
I can’t see any Token and for you information, Please find below response(s) for different POST URIs.
Note: I have one more query that is my RESTful URL is not complete.
Ex:
-
Given URL: https://Domain/xxx/login, but it shows Path=/xxx/
-
Given https, but is shown HttpOnly().
-
For **login(POST method) **below is the Response I received, observed in Header
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Server: Apache-Coyote/1.1
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID=37732DB2684E2363F353875C0D08ACAE; Path=/xxx/; HttpOnly
Expires: 0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Date: Wed, 15 Aug 2018 10:19:16 GMT
Content-Type: text/plain
- For next **URI(POST method) **below is the **Response **I received, observed in Header
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Server: Apache-Coyote/1.1
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID=D0CCB85578291083C11556720996B755; Path=/xxx/; HttpOnly
Expires: 0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Date: Wed, 15 Aug 2018 10:23:48 GMT
Content-Type: text/plain