配置 weblogic.xml 以发送安全的 JSESSIONID

Question

我正在尝试添加到 weblogic.xml 文件<cookie-secure>标签：

<wls:session-descriptor>
    <wls:timeout-secs>1800</wls:timeout-secs>
    <wls:cookie-path>/my-web</wls:cookie-path>
    <wls:cookie-http-only>false</wls:cookie-http-only>
    <wls:url-rewriting-enabled>false</wls:url-rewriting-enabled>
    <wls:sharing-enabled>true</wls:sharing-enabled>
    <wls:invalidate-on-relogin>true</wls:invalidate-on-relogin>
    <wls:cookie-secure>true</wls:cookie-secure>
</wls:session-descriptor>

但是出现一个错误：

cvc-complex-type.2.4.d: Invalid content was found starting with element 'wls:cookie-secure'. No child element is expected at this point

怎么可能解决问题？

Answer 1

正确的顺序是：

<wls:timeout-secs>1800</wls:timeout-secs>
<wls:cookie-path>/my</wls:cookie-path>
<wls:cookie-secure>true</wls:cookie-secure>
<wls:cookie-http-only>true</wls:cookie-http-only>
<wls:url-rewriting-enabled>false</wls:url-rewriting-enabled>