This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Dynamic "cookieSecure" with weblogic

 
Tim Burnell
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
http://www.coderanch.com/t/68395/BEA-Weblogic/cookieSecure-http#414821
As referenced in the above post if cookie-secure is flagged in the weblogic.xlm as true it forces the post to always be secure.

However how does it act if it is set to false? Does it always make it un-secure, or does it not care?
because I have this programming in Java to try and control it
cookie.setSecure( URL.startsWith( "https" ) );

If I try it locally with tomcat it works correctly for Http (un-secure) and Https (secure).
However my server runs weblogic which is HTTPS but it always marks it un-secure.

So I was wonder if cookie-secure = false it setting it to un-secure. and if so, is there a way around it?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic