If you are talking about the JSESSIONID cookie - if the session is
created while your are using SSL - the secure flag is set for you.
Nothing to configure.
-Tim
Biagi, Bill (Contractor) wrote:
How do you set Tomcat 5.0 to use secure cookies on an SSL session. Back
in 3.3 it was an attribute in server.xml of the SessionId module element
called secureCookie. Setting it to true used to mark the session id
cookie as "secure" if the session was established over SSL.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
