httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohammed Imran <Mohammed.Im...@Asia.Xchanging.com>
Subject [users@httpd] Session cookie
Date Wed, 07 Dec 2011 14:09:34 GMT
Hi,

I need to enable the session security cookie to httponly.I tried to update the context.xml

<!-- The contents of this file will be loaded for each web application -->
<Context useHttpOnly="true">

    <!-- Default set of monitored resources -->
    <WatchedResource>WEB-INF/web.xml</WatchedResource>

    <!-- Uncomment this to disable session persistence across Tomcat restarts -->
    <!--
    <Manager pathname="" />
    -->

But it doesn't work.


"CONFIDENTIALITY NOTICE: This message and any attachment are confidential and may also be
privileged. If you are not the intended recipient of this e-mail you may not copy, forward,
disclose or otherwise use it or any part of it in any form whatsoever. If you are not the
intended recipient please telephone or e-mail the sender and delete this message and any attachment
from your system."

Mime
View raw message