像在Tomcat上一样进行Jetty httpOnly cookie配置
[英]Jetty httpOnly cookies configurarion like on Tomcat
问题描述
I have Tomcat server on my localhost and on deploy server is Jetty. 
我的本地主机上有Tomcat服务器,部署服务器上是Jetty。 I use Spring 2.5 with Spring Security 2.0 (Servlets are 2.5). 我将Spring 2.5与Spring Security 2.0一起使用(Servlet是2.5)。 I want to secure session id of our users. 我想确保我们用户的会话ID。 I have used these directives to set Tomcat to use HttpOnly cookies. 我已经使用这些指令将Tomcat设置为使用HttpOnly cookie。
<context useHttpOnly="true">
...
</context>
And all works fine (on tomcat). 一切正常(在tomcat上)。 Now I want to do the similar thing on Jetty. 现在,我想在码头上做类似的事情。 Is it possible? 可能吗? Or is it possible to manage it only in application context? 还是仅在应用程序上下文中可以管理它?
Thank you very much. 非常感谢你。
1 个解决方案
解决方案1
1 已采纳 2011-04-23 10:46:27
I think you should be able to easily upgrade to Jetty 8, which supports Servlet 3.0. 我认为您应该能够轻松升级到支持Servlet 3.0的Jetty 8。 There you have a standard way for that configuration. 那里有用于该配置的标准方法。 See this answer for how to do it in web.xml. 有关如何在web.xml中执行此操作的信息,请参见此答案 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.