tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From billbar...@apache.org
Subject cvs commit: jakarta-tomcat/src/doc serverxml.html
Date Sun, 03 Nov 2002 02:42:13 GMT
billbarker    2002/11/02 18:42:13

  Modified:    src/doc  serverxml.html
  Log:
  Document new attribute to SessionId.
  
  Revision  Changes    Path
  1.29      +11 -3     jakarta-tomcat/src/doc/serverxml.html
  
  Index: serverxml.html
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/doc/serverxml.html,v
  retrieving revision 1.28
  retrieving revision 1.29
  diff -u -r1.28 -r1.29
  --- serverxml.html	19 Sep 2002 11:13:18 -0000	1.28
  +++ serverxml.html	3 Nov 2002 02:42:13 -0000	1.29
  @@ -2501,13 +2501,21 @@
     </tr>
     <tr valign="top">
       <td>checkSSLSessionId<br><b>[Tomcat 3.3.1]</b></td>
  -    <td>If true, Tomcat session will be verified against SSL session to prevent
  +    <td>If <code>true</code>, Tomcat session will be verified against
SSL session to prevent
         (malicious) use of other users' sessions. In order for this to work, SSL
         has to be enabled (through Apache) and SSL Session ID has to be known to
         Tomcat. More information can be found in mod_jk documentation.</td>
       <td>false</td>
     </tr>
  -
  +  <tr valign="top>
  +    <td>secureCookie<br><b>[Tomcat 3.3.2]</b></td>
  +    <td>If <code>true</code>, then Tomcat will mark the Session ID cookie
as
  +      as "Secure" if the session is created over a SSL connection.  A 
  +      conforming browser will only send the cookie back to a page that is using
  +      SSL.  The effect is that if a session is created from a SSL page, than 
  +      it is not available to any non-SSL pages.</td>
  +    <td>true</td>
  +  </tr>
   </table>
   
   <h4>Example(s)</h4>
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message