using cookie authentication in rest driver

Hi ,


As part of development we have to build rest driver based on cookie authentication. Sample curl commands looks as follows. Please anyone suggest how to map -c cookie & -b cookie in our rest driver where remaining all parameters i am able to configure in driver parameters

Process from driver :

   1. First generate the cookie from driver

     2. call that generated cookie for further rest calls from driver to a user

To Generate Cookie Curl command looks as follows: 

curl -v https://xxxxx --proxy https://xxxxxx:8080 -H 'X-Requested-With: XMLHttpRequest' -H 'Content-type: application/json' -c cookie -d '{"username": "xxxxxxxxx", "password": "xxxxxxx"}'


After generating cookie from above command we have to call that in next get query using -b cookie [Please let me suggest how to include -b cookie in our rest driver]

Getting user details where calling the above generated cookie to proceed further:

curl -v "">https://xxxxxxr<userid>" --proxy https://xxxxx:8080 -H 'X-Requested-With: XMLHttpRequest' -H 'Content-type: application/json' -b cookie


Note : 1 Please suggest me how to include cookie part (-c cookie / -b cookie) in our driver where i've done with all other parameters mentioned in above curl command


Note 2 : Hiding actual values with xxxxx. Please don't consider them as original .Need help only in cookie part

  • I learned in my recent project with the REST driver, that it does actually handle cookies: If the server responds to a request with a Set-Cookie header, then the driver will include that cookie in subsequent request. It is not logged in the driver's trace though.

  • Hi klasen,

    Now i tried with below setting in driver parameter but getting error as "401 Unauthorized". Please suggest your findings too which will helpful to me

    Step 1 :for setting cookie -- in driver parameters included the 

             Header Name : Set-Cookie

             Header Value : SSOcookie


    Step 2 : Then to include cookie in next subsequent request i've included below header in driver parameters

             Header Name : Cookie

             Header Value : SSOcookie


  • Verified Answer

    Set-Cookie headers are response headers, ie. they are the by the server. You cannot set them in your client on a request.

    When doing the first request (the one with username/password in the body - lets call it login) from the driver, the server's response should include the Set-Cookie header. The HTTP client in the REST driver shim caches the cookie and automatically adds it to all outgoing requests - until the cookie expires.

    So before doing the get user reqeust, you need to do a login request from the driver.

    It's best do define a driver scope variable to keep track of your authentication state. If you're not authenticated, do the login request and update the state if this was successful. If later a request fails because of an expired cookie, set the state to false and retry the request.