How to set httponly to the cookie from sling servlet and why the used version of javax.servlet is 2.5?

If you want to use the version of that Servlet API that supports this Java method - you can always add that version to AEM (as an OSGi bundle) and then add the JAR to your local Maven Repo. Then in your POM reference the JAR that contains the Servlet API that supports this method.

See the heading titled: HOW CAN I WORK WITH CUSTOM JARS THAT ARE NOT IN THE MAVEN REPOSITORY

Scott's Digital Community: Adobe Experience Manager FAQs and other Tips

Hi,

what version of AEM are you using? AEM 6.1 already supports servlet 3.1.

Jörg

I'm using AEM 6.2 @jorg

smacdonald2008​, I'm new in maven world, so that means that the maven repo doesn't have the javax.servlet package version 3.1, isn't it?

AEM 6.2 already supports javax.servlet version 3.1 (check the export statements of the bundle org.apache.felix.http.servlet-api).

Can you share your POMs?

Jörg

Here is my parent pom file. When I want to add additional dependency, I added it on parent pom file. I tried to add it in the core pom.xml, but it show error, so I just added it to the parent pom file.

<?xml version="1.0" encoding="UTF-8"?>
<!--
| Copyright 2015 Adobe Systems Incorporated
|
| Licensed under the Apache License, Version 2.0 (the "License");
| you may not use this file except in compliance with the License.
| You may obtain a copy of the License at
|
| http://www.apache.org/licenses/LICENSE-2.0
|
| Unless required by applicable law or agreed to in writing, software
| distributed under the License is distributed on an "AS IS" BASIS,
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
| See the License for the specific language governing permissions and
| limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>id.jeffersonsetiawan.aem</groupId>
  <artifactId>training</artifactId>
  <packaging>pom</packaging>
  <version>1.0-SNAPSHOT</version>
  <description>training</description>

  <modules>
  <module>core</module>
  <module>ui.apps</module>
  <module>ui.content</module>
  <module>it.tests</module>
  <module>it.launcher</module>
  </modules>

  <properties>
  <aem.host>localhost</aem.host>
  <aem.port>4502</aem.port>
  <aem.publish.host>localhost</aem.publish.host>
  <aem.publish.port>4503</aem.publish.port>
  <sling.user>admin</sling.user>
  <sling.password>admin</sling.password>
  <vault.user>admin</vault.user>
  <vault.password>admin</vault.password>

  <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
  </properties>

  <build>
  <plugins>
   <!-- Maven Release Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-release-plugin</artifactId>
  <version>2.5.3</version>
  <configuration>
  <scmCommentPrefix>[maven-scm] :</scmCommentPrefix>
  <preparationGoals>clean install</preparationGoals>
  <goals>install</goals>
  <releaseProfiles>release</releaseProfiles>
  </configuration>
  </plugin>
   <!-- Maven Source Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-source-plugin</artifactId>
  <version>3.0.1</version>
  <inherited>true</inherited>
  </plugin>
   <!-- Maven Jar Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-jar-plugin</artifactId>
  <version>3.0.2</version>
  </plugin>
   <!-- Maven Enforcer Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <executions>
  <execution>
  <id>enforce-maven</id>
  <goals>
  <goal>enforce</goal>
  </goals>
  <configuration>
  <rules>
  <requireMavenVersion>
  <version>[3.3.9,)</version>
  </requireMavenVersion>
  <requireJavaVersion>
  <message>Project must be compiled with Java 8 or higher</message>
  <version>1.8.0</version>
  </requireJavaVersion>
  </rules>
  </configuration>
  </execution>
  </executions>
  </plugin>
   <!-- Maven Compiler Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-compiler-plugin</artifactId>
  <configuration>
  <source>1.8</source>
  <target>1.8</target>
  </configuration>
  </plugin>
   <!-- Maven IntelliJ IDEA Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-idea-plugin</artifactId>
  <version>2.2.1</version>
  <configuration>
  <jdkLevel>1.8</jdkLevel>
  <linkModules>true</linkModules>
  <downloadSources>true</downloadSources>
  </configuration>
  </plugin>
   <!-- Maven Eclipse Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-eclipse-plugin</artifactId>
  <version>2.10</version>
  <configuration>
  <downloadSources>true</downloadSources>
  </configuration>
  </plugin>
  </plugins>
  <pluginManagement>
  <plugins>
   <!-- Maven Clean Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-clean-plugin</artifactId>
  <version>3.0.0</version>
  </plugin>
   <!-- Maven Resources Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-resources-plugin</artifactId>
  <version>3.0.2</version>
  </plugin>
   <!-- Maven Compiler Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-compiler-plugin</artifactId>
  <version>3.6.1</version>
  </plugin>
   <!-- Maven Installer Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-install-plugin</artifactId>
  <version>2.5.2</version>
  </plugin>
   <!-- Maven Surefire Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-surefire-plugin</artifactId>
  <version>2.20</version>
  </plugin>
   <!-- Maven Failsafe Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-failsafe-plugin</artifactId>
  <version>2.20</version>
  </plugin>
   <!-- Maven Deploy Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-deploy-plugin</artifactId>
  <version>2.8.2</version>
  </plugin>
   <!-- Apache Sling Plugin -->
   <plugin>
  <groupId>org.apache.sling</groupId>
  <artifactId>maven-sling-plugin</artifactId>
  <version>2.2.0</version>
  <configuration>
  <slingUrl>http://${aem.host}:${aem.port}/system/console</slingUrl>
  <deploymentMethod>WebConsole</deploymentMethod>
  </configuration>
  </plugin>
   <!-- HTL Maven Plugin -->
   <plugin>
  <groupId>org.apache.sling</groupId>
  <artifactId>htl-maven-plugin</artifactId>
  <version>1.0.6</version>
  <configuration>
  <failOnWarnings>true</failOnWarnings>
  </configuration>
  <executions>
  <execution>
  <goals>
  <goal>validate</goal>
  </goals>
  </execution>
  </executions>
  </plugin>
   <!-- Content Package Plugin -->
   <plugin>
  <groupId>com.day.jcr.vault</groupId>
  <artifactId>content-package-maven-plugin</artifactId>
  <version>0.5.1</version>
  <configuration>
  <targetURL>http://${aem.host}:${aem.port}/crx/packmgr/service.jsp</targetURL>
  <failOnError>true</failOnError>
  <failOnMissingEmbed>true</failOnMissingEmbed>
  <userId>${vault.user}</userId>
  <password>${vault.password}</password>
  </configuration>
  </plugin>
   <!-- Apache Felix Bundle Plugin -->
   <plugin>
  <groupId>org.apache.felix</groupId>
  <artifactId>maven-bundle-plugin</artifactId>
  <version>3.3.0</version>
  <inherited>true</inherited>
  </plugin>
   <!-- Maven Enforcer Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <version>1.4.1</version>
  </plugin>
   <!-- Maven Dependency Plugin -->
   <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-dependency-plugin</artifactId>
  <version>3.0.0</version>
  </plugin>
   <!-- Build Helper Maven Plugin -->
   <plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>build-helper-maven-plugin</artifactId>
  <version>3.0.0</version>
  </plugin>
   <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
   <plugin>
  <groupId>org.eclipse.m2e</groupId>
  <artifactId>lifecycle-mapping</artifactId>
  <version>1.0.0</version>
  <configuration>
  <lifecycleMappingMetadata>
  <pluginExecutions>
  <pluginExecution>
  <pluginExecutionFilter>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <versionRange>[1.0.0,)</versionRange>
  <goals>
  <goal>enforce</goal>
  </goals>
  </pluginExecutionFilter>
  <action>
  <ignore />
  </action>
  </pluginExecution>
  <pluginExecution>
  <pluginExecutionFilter>
  <groupId>
   org.apache.maven.plugins

   </groupId>
  <artifactId>
   maven-dependency-plugin

   </artifactId>
  <versionRange>
   [2.2,)

   </versionRange>
  <goals>
  <goal>copy-dependencies</goal>
  <goal>unpack</goal>
  </goals>
  </pluginExecutionFilter>
  <action>
  <ignore />
  </action>
  </pluginExecution>
  <pluginExecution>
  <pluginExecutionFilter>
  <groupId>
   org.codehaus.mojo

   </groupId>
  <artifactId>
   build-helper-maven-plugin

   </artifactId>
  <versionRange>
   [1.5,)

   </versionRange>
  <goals>
  <goal>
   reserve-network-port

   </goal>
  </goals>
  </pluginExecutionFilter>
  <action>
  <ignore />
  </action>
  </pluginExecution>
  </pluginExecutions>
  </lifecycleMappingMetadata>
  </configuration>
  </plugin>
  </plugins>
  </pluginManagement>
  </build>

  <profiles>
   <!-- ====================================================== -->
  <!-- A D O B E P U B L I C P R O F I L E -->
  <!-- ====================================================== -->
   <profile>
  <id>adobe-public</id>

  <activation>
  <activeByDefault>true</activeByDefault>
  </activation>

  <properties>
  <releaseRepository-Id>adobe-public-releases</releaseRepository-Id>
  <releaseRepository-Name>Adobe Public Releases</releaseRepository-Name>
  <releaseRepository-URL>https://repo.adobe.com/nexus/content/groups/public</releaseRepository-URL>
  </properties>

  <repositories>
  <repository>
  <id>adobe-public-releases</id>
  <name>Adobe Public Repository</name>
  <url>https://repo.adobe.com/nexus/content/groups/public</url>
  <releases>
  <enabled>true</enabled>
  <updatePolicy>never</updatePolicy>
  </releases>
  <snapshots>
  <enabled>false</enabled>
  </snapshots>
  </repository>
  </repositories>

  <pluginRepositories>
  <pluginRepository>
  <id>adobe-public-releases</id>
  <name>Adobe Public Repository</name>
  <url>https://repo.adobe.com/nexus/content/groups/public</url>
  <releases>
  <enabled>true</enabled>
  <updatePolicy>never</updatePolicy>
  </releases>
  <snapshots>
  <enabled>false</enabled>
  </snapshots>
  </pluginRepository>
  </pluginRepositories>
  </profile>

   <!-- Development profile: install only the bundle -->
   <profile>
  <id>autoInstallBundle</id>
   <!--
  To enable this feature for a bundle, the maven-sling-plugin
  (without configuration) needs to be included:

  <plugin>
  <groupId>org.apache.sling</groupId>
  <artifactId>maven-sling-plugin</artifactId>
  </plugin>
  -->
   <activation>
  <activeByDefault>false</activeByDefault>
  </activation>
  <build>
  <pluginManagement>
  <plugins>
  <plugin>
  <groupId>org.apache.sling</groupId>
  <artifactId>maven-sling-plugin</artifactId>
  <executions>
  <execution>
  <id>install-bundle</id>
  <goals>
  <goal>install</goal>
  </goals>
  </execution>
  </executions>
  </plugin>
  </plugins>
  </pluginManagement>
  </build>
  </profile>

  <profile>
  <id>autoInstallPackage</id>
  <activation>
  <activeByDefault>false</activeByDefault>
  </activation>
  <build>
  <pluginManagement>
  <plugins>
  <plugin>
  <groupId>com.day.jcr.vault</groupId>
  <artifactId>content-package-maven-plugin</artifactId>
  <executions>
  <execution>
  <id>install-package</id>
  <goals>
  <goal>install</goal>
  </goals>
  <configuration>
  <targetURL>http://${aem.host}:${aem.port}/crx/packmgr/service.jsp</targetURL>
  </configuration>
  </execution>
  </executions>
  </plugin>
  </plugins>
  </pluginManagement>
  </build>
  </profile>

  <profile>
  <id>autoInstallPackagePublish</id>
  <activation>
  <activeByDefault>false</activeByDefault>
  </activation>
  <build>
  <pluginManagement>
  <plugins>
  <plugin>
  <groupId>com.day.jcr.vault</groupId>
  <artifactId>content-package-maven-plugin</artifactId>
  <executions>
  <execution>
  <id>install-package-publish</id>
  <goals>
  <goal>install</goal>
  </goals>
  <configuration>
  <targetURL>http://${aem.publish.host}:${aem.publish.port}/crx/packmgr/service.jsp</targetURL>
  </configuration>
  </execution>
  </executions>
  </plugin>
  </plugins>
  </pluginManagement>
  </build>
  </profile>

  </profiles>


   <!-- ====================================================================== -->
  <!-- D E P E N D E N C I E S -->
  <!-- ====================================================================== -->
   <dependencyManagement>
  <dependencies>
   <!-- OSGi Dependencies -->
   <dependency>
  <groupId>org.osgi</groupId>
  <artifactId>osgi.core</artifactId>
  <version>6.0.0</version>
  <scope>provided</scope>
  </dependency>
  <dependency>
  <groupId>org.osgi</groupId>
  <artifactId>osgi.cmpn</artifactId>
  <version>6.0.0</version>
  <scope>provided</scope>
  </dependency>
  <dependency>
  <groupId>org.osgi</groupId>
  <artifactId>osgi.annotation</artifactId>
  <version>6.0.1</version>
  <scope>provided</scope>
  </dependency>
   <!-- Logging Dependencies -->
   <dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-api</artifactId>
  <version>1.5.11</version>
  <scope>provided</scope>
  </dependency>
   <!-- Apache Sling Dependencies -->
   <dependency>
  <groupId>com.adobe.aem</groupId>
  <artifactId>uber-jar</artifactId>
  <version>6.2.0</version>
  <classifier>apis</classifier>
  <scope>provided</scope>
  </dependency>

  <dependency>
  <groupId>org.apache.sling</groupId>
  <artifactId>org.apache.sling.models.api</artifactId>
  <version>1.0.0</version>
  <scope>provided</scope>
  </dependency>

   <!-- Servlet API -->
   <dependency>
  <groupId>javax.servlet</groupId>
  <artifactId>servlet-api</artifactId>
  <version>2.5</version>
  <scope>provided</scope>
  </dependency>
  <dependency>
  <groupId>javax.servlet.jsp</groupId>
  <artifactId>jsp-api</artifactId>
  <version>2.1</version>
  <scope>provided</scope>
  </dependency>
   <!-- JCR -->
   <dependency>
  <groupId>javax.jcr</groupId>
  <artifactId>jcr</artifactId>
  <version>2.0</version>
  <scope>provided</scope>
  </dependency>
   <!-- Taglibs -->
   <dependency>
  <groupId>com.day.cq.wcm</groupId>
  <artifactId>cq-wcm-taglib</artifactId>
  <version>5.7.4</version>
  <scope>provided</scope>
  </dependency>
   <!-- Testing -->
   <dependency>
  <groupId>junit</groupId>
  <artifactId>junit</artifactId>
  <version>4.12</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-simple</artifactId>
  <version>1.5.11</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>org.mockito</groupId>
  <artifactId>mockito-core</artifactId>
  <version>2.7.22</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>junit-addons</groupId>
  <artifactId>junit-addons</artifactId>
  <version>1.4</version>
  <scope>test</scope>
  </dependency>
  <dependency>
  <groupId>org.apache.httpcomponents</groupId>
  <artifactId>httpclient</artifactId>
  <version>4.5.3</version>
  </dependency>
  </dependencies>
  </dependencyManagement>

</project>

I will look into this at code level today or tomorrow.

Also - a tip - to find out which API version a specific AEM version uses - use the AEM Dep Finder --

http://localhost:4502/system/console/depfinder

Sorry for late reply.

I've update the javax.servlet to version 3, but it generate Failure to find javax.servlet:servlet-api:jar:3.1. so I just return it back to version 2.5.

I assume that you get this exception during the maven build, is that correct?

I am not sure if this version number exists as binary. Checking [1] shows me 3.0.1 as the lowest available version. (Not sure where the 2.x APIs are...)

Jörg

[1] The Central Repository Search Engine