File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Non-secure Cookie Used Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Non-secure Cookie Used" Watch "Non-secure Cookie Used" New topic

Non-secure Cookie Used

Prasanth S Pillai
Ranch Hand

Joined: Oct 28, 2009
Posts: 39
Please advise how to set a secure flag for cookies? I see lots of options in google. I have a j2ee application with apache web server & weblogic.

Where I need to do a change in order to see

Set-Cookie: var=value; httpOnly; secure

I assume it would be a webserver setting but dont know where.
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 63865

Have you looked at the JavaDoc for the Cookie class?

[Asking smart questions] [About Bear] [Books by Bear]
Prasanth S Pillai
Ranch Hand

Joined: Oct 28, 2009
Posts: 39
The website -
says to use the <cookie-secure > tag in weblogic.xml to make cookie secure.
I tried it, but does not seem to be working.

has anyone tried this option? or any other working solution?
I agree. Here's the link:
subject: Non-secure Cookie Used
jQuery in Action, 3rd edition