We need some clarification regarding cookie access and the "httponly" cookie atttribute in the http header.
We notice the following:
The connector needs to be able to access the cookie information (JSESSIONID). This seems to be only possible,
as long as the the response that is send from the API server does not contain a cookie where the "httponly" attribute is set.
If the attribute is set (excerpt from the http header):
Set-Cookie: JSESSIONID=xxxxxxx; Secure;HttpOnly;
the process will fail, since the JSESSIONID can not be read.
Is this the intended behavior in boomi ?
Is there a way to control the behavior in boomi, so that it would be possible to evaluate the cookie for this connector, even if the attribute "httponly" is set ?