> From: Joe Wallace [mailto:j...@andar360.com] > Subject: SessionID cookie not secure over SSL > > Is there a setting in Tomcat 6.0.2
Are you really using a version of Tomcat that old (Nov 2006)? > to make the SessionID cookie secure > when created over https when using > AJP 1.3 connector for IIS? What makes you think the cookie isn't being encrypted along with everything else sent over HTTPS? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
