Basic Authentication

...

Common HTTP frameworks such as the Apache HTTP Components already have the logic to do the cookie handling for you if the configuration is set accordingly.
In case of the Apache HTTP Components this is done by creating the HttpClient with a BasicCookieStore like this:
CookieStore cookieStore = new BasicCookieStore();
CloseableHttpClienthttpclient CloseableHttpClient httpclient = HttpClientBuilder.create().setDefaultRequestConfig(requestBuilder.build()).setDefaultCredentialsProvider(getCredentialProvider()).setDefaultCookieStore(cookieStore).build();

Closing Session

The duration of a session can be set separately for the core service and for the gateway. The default duration is 30 minutes for both. To close the session you have two options:

...