Jboss Seam JSESSIONID Cookie-Settings

https://stackoverflow.com/questions/12740893

security
jboss
cookies
seam
jsessionid

05-07-2021
|

Question

I wanted to know, how I can override the jsessionid-cookie setting such as httpoly, secure and so on. I didn't find any setting or other easy possibility to set these things. Could it be something in the web.xml under session-config or can I add the settings via an servlet filter?

What would you suggest.

Solution

In web.xml file,

<session-config>
        <cookie-config>
           <http-only>true</http-only>
        </cookie-config>
</session-config>

You can see in

http://middlewaremagic.com/jboss/?p=1041
http://docs.oracle.com/cd/E18930_01/html/821-2417/beash.html

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow