java - how to set JSESSIONID cookie as secure using Spring security 2 and Apache Tomcat 7 setting -

-

how set jsessionid cookie secure using spring security 2 , apache tomcat 7 setting.

have put in code below in web.xml , deosn't seem working.

<cookie-config>    <secure>true</secure> </cookie-config>

thanks

use following:

<session-config>   <cookie-config>     <secure>true</secure>     <http-only>true</http-only>   </cookie-config> </session-config>

Comments

Post a Comment

Popular posts from this blog

All overlapping substrings matching a java regex -

-
is there api method returns (possibly overlapping) substrings match regular expression? for example, have text string: string t = 04/31 412-555-1235; , , have pattern: pattern p = new pattern("\\d\\d+"); matches strings of 2 or more characters. the matches are: 04, 31, 412, 555, 1235. how overlapping matches? i want code return: 04, 31, 41, 412, 12, 55, 555, 55, 12, 123, 1235, 23, 235, 35. theoretically should possible -- there obvious o(n^2) algorithm enumerates , checks substrings against pattern. edit rather enumerating substrings, safer use region(int start, int end) method in matcher . checking pattern against separate, extracted substring might change result of match (e.g. if there non-capturing group or word boundary check @ start/end of pattern). edit 2 actually, it's unclear whether region() expect zero-width matches. specification vague, , experiments yield disappointing results. for example: string line = "xx90xx"; strin...
Read more

c++ - Using OpenSSL in a multi-threaded application -

-
i have been writing soap client application in c++ on ubuntu using openssl https transport , pthreads threading. have number of threads - 1 central data acquisition thread periodically gets worker threads make soap requests via shared mutex protected queues. reading documentation openssl found is openssl thread-safe? in openssl faq describes mechanisms required ensure thread safety when using openssl. implemented , works fine. the reason question conceptual difficulty really. thinking implementing same functionality application has already, instead of using threads, create 2 seperate applications : 1 worker thread (of multiple copies running) , main data acquisition thread. use tcp sockets communicate between 2 rather mutex protected queues. may bad idea not important - confusing me would have implement same functions required ensure openssl thread safety in second approach or not? my guess not have , treated independent (indeed surely must many applications use openssl) re...
Read more

php - Deleting/Renaming a locked file -

-
with php, there way force unlock file (for renaming/deleting) locked running program on same server? more details: have image service running on server caches large pathology images web when try delete or rename images through php interface, cannot when image files locked , still being accessed web image service. i have no control on web service cannot tell close image. work around restart web service , delete/rename files cause service interruption other users trying access other images through web. os: windows server 2003
Read more