Configuring Session Resolution

Session resolution can be configured with HttpSessionConfiguration.

By default, sessions are resolved using an HttpSessionFilter that looks for session identifiers via either an HTTP header (using the Authorization-Info or X-Auth-Token headers) or via a Cookie named SESSION.

You can disable either header resolution or cookie resolution via configuration in application.yml:

Disabling Cookie Resolution

  1. micronaut:
  2.   session:
  3.     http:
  4.       cookie: false
  5.       header: true

The above configuration enables header resolution, but disables cookie resolution. You can also configure header and cookie names.