set
@GET
@Path(value = "/auth_cookie"
@Timed
@PermitAll
Set authorization credentials in the HTTP headers as a session-lifetime, HTTP-only cookie.
This allows, eg, a JS websocket client to authenticate to the service via BasicAuthentication, make a request to this endpoint, and then initiate a cookie-authenticated websocket connection without js ever having access to a credential