how to set JSESSIONID cookie as secure using Spring security 2 and Apache Tomcat 7 setting
Question
how to set JSESSIONID cookie as secure using Spring security 2 and Apache Tomcat 7 setting.
have put in the code below in web.xml and it deosn't seem to be working.
<cookie-config>
<secure>true</secure>
</cookie-config>
thanks
1 answers
solution1
5 2012-06-29 12:06:01
Use the following:
<session-config>
<cookie-config>
<secure>true</secure>
<http-only>true</http-only>
</cookie-config>
</session-config>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Spring Security Not Setting JSESSIONID Cookie
how to secure jsessionid cookie in tomcat 7 using environment variables
How to set SameSite and Secure attribute to JSESSIONID cookie
How to mark JSESSIONID secure in tomcat?
Add secure flag to JSESSIONID cookie in spring automatically
Who creates the JSESSIONID cookie in Spring Security?
Spring Security and Tomcat 8 JSessionId response mismatch
Forcing Tomcat to use secure JSESSIONID cookie over http
How to get a Spring Security's token username on the client side from JSESSIONID cookie?
Spring security login not working, no JSESSIONID cookie returned and redirect fails
Related Tags