When I tested my REST-interface, which I implemented with Jersey, I also wanted to write Unit tests for an easy test. Since I spent some time to get authentication and autorisation working, I stood before another problem, when logging in and check access to my resources.
The problem that occured was that with each request a new session id was generated, which makes my authentication worthless. But I found a way around it:
WebTarget wt = target.path("rest");
Response res = wt.path("login").request().post(Entity.form(getAdminForm()));
// save the cookie created after the login
assertEquals(200, status); // ok
So the secret is to save the cookie of the response and append it to each following request!