#1 2024-08-02 12:23:36

Felix
Moderator
Registered: 2022-08-01

[Guide] Securing Cookies

Hi,

We are seeing a rising interest in securing infrastructure.

One customer asked how to set the "secure flag" of cookies used by our ReportServer... luckily this can be done "on the fly".

This flag controls the behavior between browser and server and "stores" the cookie encrypted so that other (malicious) websites could not use it.

To achieve this you can simply configure your Tomcat installation by adding

    <session-config>
        <cookie-config>
            <http-only>true</http-only>
            <secure>true</secure>
        </cookie-config>
    </session-config>

to your web.xml (and don't forget to restart ;) )


Software developer at Infofabrik
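
An added example, not part of the original post and not ReportServer or Tomcat code: a small Python audit that parses a web.xml and reports whether the `<http-only>` and `<secure>` settings from the snippet above are present and set to true. The function name and both sample documents are constructed for illustration; tag matching ignores the XML namespace because real web.xml files usually declare one.

```python
import xml.etree.ElementTree as ET

REQUIRED = ("http-only", "secure")  # the two settings from the post's snippet

def local(tag):
    """Strip a '{namespace}' prefix so namespaced web.xml files match too."""
    return tag.rsplit("}", 1)[-1]

def audit_cookie_config(web_xml_text):
    """Return {setting: bool} for session-config/cookie-config in a web.xml."""
    root = ET.fromstring(web_xml_text)
    result = {flag: False for flag in REQUIRED}
    for session in root.iter():
        if local(session.tag) != "session-config":
            continue
        for cookie in session:
            if local(cookie.tag) != "cookie-config":
                continue
            for setting in cookie:
                name = local(setting.tag)
                if name in result:
                    # Only the literal value "true" counts as enabled.
                    result[name] = (setting.text or "").strip().lower() == "true"
    return result

# Constructed sample inputs (not taken from a real installation).
HARDENED = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <session-config>
    <cookie-config>
      <http-only>true</http-only>
      <secure>true</secure>
    </cookie-config>
  </session-config>
</web-app>"""

UNHARDENED = """<web-app>
  <session-config>
    <session-timeout>30</session-timeout>
  </session-config>
</web-app>"""

if __name__ == "__main__":
    for label, doc in (("hardened", HARDENED), ("unhardened", UNHARDENED)):
        missing = [f for f, ok in audit_cookie_config(doc).items() if not ok]
        print(label, "OK" if not missing else "missing/false: " + ", ".join(missing))
```

To audit a deployed file, pass its contents to `audit_cookie_config` and treat any `False` entry as a setting that still needs to be added before the restart.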
