# ktor

Claude Brisson

03/15/2021, 8:18 AM
I have this code in my server Application module :
Copy code
install(Sessions) {
    cookie<Session>("JSESSIONID", directorySessionStorage(File(".sessions"), cached = true)) {
        cookie.extensions["SameSite"] = "lax"
        cookie.path = "/"
Let say the Session class is a general purpose empty class that I just want always created, independent of any authentication mechanism. What else do I need in my application routing for the Set-Cookies header to be generated in each response ?
Responding to myself... I just need to call:
Copy code
call.sessions.getOrSet("JSESSIONID") { Session() }
whenever I want the session to be retrived or created.
Hum... that's not exactly working. I get :
java.lang.IllegalStateException: Using blocking primitives on this dispatcher is not allowed. Consider using async channel instead or use blocking primitives in withContext(<http://Dispatchers.IO|Dispatchers.IO>) instead.
Fixed by using 1.6.0-eap