[jira] [Commented] (GEODE-7438) Session cookie set does not reflect the context's SessionCookieConfig

ASF subversion and git services (Jira) Mon, 02 Dec 2019 07:14:59 -0800


    [ 
https://issues.apache.org/jira/browse/GEODE-7438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16986123#comment-16986123
 ]


ASF subversion and git services commented on GEODE-7438:
--------------------------------------------------------

Commit e5d07a33cc6a68a0c68b2ea9eabbb8713def9e14 in geode's branch 
refs/heads/develop from thefire
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=e5d07a3 ]

GEODE-7438: Honor isHttpOnly and isSecure from the SessionCookieConfig in the 
ServletContext. (#4311)



> Session cookie set does not reflect the context's SessionCookieConfig
> ---------------------------------------------------------------------
>
>                 Key: GEODE-7438
>                 URL: https://issues.apache.org/jira/browse/GEODE-7438
>             Project: Geode
>          Issue Type: Bug
>          Components: http session
>            Reporter: Charles Smith
>            Priority: Major
>              Labels: docs
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The session cookie set and used by the HTTP Session module for AppServers 
> should honor the httponly and secure settings of the ServetContext's 
> SessionCookieConfig.
> Currently the cookie created in the SessionCachingFilter.addSessionCookie 
> method does not use any settings from the SessionCookieConfig but it could 
> easily do so.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GEODE-7438) Session cookie set does not reflect the context's SessionCookieConfig

Reply via email to