ailto:[EMAIL PROTECTED]
Sent: Friday, October 05, 2007 6:47 AM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
In that case - this should do the trick:
http://tomcat.apache.org/tomcat-6.0-doc/config/http.html
-Tim
Biagi, Bill (Contractor) wrote:
> The thing
omcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
Not really. The reason is its rather nonsensical for any webserver to
set a cookie as secure when the request is not secure.
-Tim
Biagi, Bill (Contractor) wrote:
I've got a set of Cisco load balancers doing the SSL
share or use them without Fannie Mae's
approval. If received in error, contact the sender and delete them.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 2:13 PM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
error, contact the sender and delete them.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 2:13 PM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
Not really. The reason is its rather nonsensical for any webserv
sender and delete them.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 1:38 PM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
You'll need to install fiddler to sniff when the cookie is being set. If
the req
> From: Biagi, Bill (Contractor) [mailto:[EMAIL PROTECTED]
> Subject: RE: setting secure cookie in Tomcat 5.0 config
>
> I've got a set of Cisco load balancers doing the SSL so
> Tomcat does not know that these sessions are SSL.
>
> Is there any way to force To
Do not share or use them without Fannie Mae's
> approval. If received in error, contact the sender and delete them.
>
>
> -Original Message-
> From: Tim Funk [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 04, 2007 1:14 PM
> To: Tomcat Users List
> Subje
ontact the sender and delete them.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 1:14 PM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
If you are talking about the JSESSIONID cookie - if the session is
created
them.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 1:14 PM
To: Tomcat Users List
Subject: Re: setting secure cookie in Tomcat 5.0 config
If you are talking about the JSESSIONID cookie - if the session is
created while your are using SSL - the s
If you are talking about the JSESSIONID cookie - if the session is
created while your are using SSL - the secure flag is set for you.
Nothing to configure.
-Tim
Biagi, Bill (Contractor) wrote:
How do you set Tomcat 5.0 to use secure cookies on an SSL session. Back
in 3.3 it was an attribute
How do you set Tomcat 5.0 to use secure cookies on an SSL session. Back
in 3.3 it was an attribute in server.xml of the SessionId module element
called secureCookie. Setting it to true used to mark the session id
cookie as "secure" if the session was established over SSL.
BB
This e-mail and it
11 matches
Mail list logo