my dog learned polymorphism*
The moose likes BEA/Weblogic and the fly likes Dynamic Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "Dynamic "cookieSecure" with weblogic" Watch "Dynamic "cookieSecure" with weblogic" New topic

Dynamic "cookieSecure" with weblogic

Tim Burnell

Joined: Jul 26, 2013
Posts: 1
As referenced in the above post if cookie-secure is flagged in the weblogic.xlm as true it forces the post to always be secure.

However how does it act if it is set to false? Does it always make it un-secure, or does it not care?
because I have this programming in Java to try and control it
cookie.setSecure( URL.startsWith( "https" ) );

If I try it locally with tomcat it works correctly for Http (un-secure) and Https (secure).
However my server runs weblogic which is HTTPS but it always marks it un-secure.

So I was wonder if cookie-secure = false it setting it to un-secure. and if so, is there a way around it?
I agree. Here's the link:
subject: Dynamic "cookieSecure" with weblogic
Similar Threads
help needed for https redirection
weblogic 10.3 + jdk6.0.14 = java applet problem?
Internet Explorer - HTTP Status 408 - The time allowed for the login process has been exceeded
Need sample of weblogic.xml file for supporting HttpOnly