Hi,
I work on web application that's built on
Struts framework and deployed in Websphere Application Server 6.1 [ND].
There's a requirement to
exchange digitally signed cookie between the browser to server access.. Would like to know if we could configure the WAS to exchange digitally signed / hashed cookie or is to be done via the
Java code by implementing some
Servlet filters.. ?
Find that the we can configure Secure cookies -- Enabling the feature restricts the exchange of cookies to HTTPS sessions only. [ i understand that the cookie is encrypted and sent over the secure layer (SSL) ]. Does it include a digital signature when using secure cookies.. ?
Request some insights on the understanding and ideas on how this can be implemented.
Thanks
Roshini S