This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
In my application I want to make JSESSIONID cookie to httpOnly and want to specify path for it for security purpose as it is having '/' as a default path. So I added following code after session creation.
After this JSESSIOND cookie path getting set as I have mentioned.
But as request process further another JSESSIONID cookie is getting created with '/' as a default path.
I am perfectly ok with how container is handling session. I just wanted to make JSESSIONID cookie as httpOnly and want to set it's path as it is suggested by Security Audit Group team.
But I am still unable to do it.
Any guidance related to it would be very helpful.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: Multiple Cookies with the name 'JSESSIONID' getting created