aspose file tools*
The moose likes Servlets and the fly likes Non-secure Cookie Used Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Non-secure Cookie Used" Watch "Non-secure Cookie Used" New topic
Author

Non-secure Cookie Used

Prasanth S Pillai
Ranch Hand

Joined: Oct 28, 2009
Posts: 39
Please advise how to set a secure flag for cookies? I see lots of options in google. I have a j2ee application with apache web server & weblogic.

Where I need to do a change in order to see

Set-Cookie: var=value; httpOnly; secure

I assume it would be a webserver setting but dont know where.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61770
    
  67

Have you looked at the JavaDoc for the Cookie class?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Prasanth S Pillai
Ranch Hand

Joined: Oct 28, 2009
Posts: 39
The website - http://docs.oracle.com/cd/E15051_01/wls/docs103/webapp/weblogic_xml.html
says to use the <cookie-secure > tag in weblogic.xml to make cookie secure.
I tried it, but does not seem to be working.

has anyone tried this option? or any other working solution?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Non-secure Cookie Used