[jboss-user] HttpOnly and jboss
pat
pat at xvalheru.org
Wed Sep 8 04:18:08 EDT 2010
Hello,
I'm new to this list. I want to setup usage of HttpOnly for cookies for
enterprise application, but without luck.
I've searched and found these:
1) Jboss 4.3 - add useHttpOnly="true" attribute to Context element in the web
application's context.xml
2) Jboss 5.x - add new element as subelement of the Context element in the web
application's context.xml; the element is <SessionCookie httpOnly="true"/>
(I've also try <SessionCookie path="/" httpOnly="true"/>)
None of these works for me.
The application is a enterprise application with web application packed in the
WAR archive. I've changed the context.xml which is in the WEB-INF directory of
the web application.
To check if the HttpOnly presents I'm using "Live HTTP headers" Firefox plug-in.
I'm sure I've missed something, but what I cannot find.
Thanks for help
Pat
----------------------------------------
Freehosting PIPNI - http://www.pipni.cz/
More information about the jboss-user
mailing list