This configuration is being done in a $jetty_home/contexts/myApp.xml file that corresponds to and controls the ../webapps/myApp
Here's the full file <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" " http://jetty.mortbay.org/configure.dtd";> <Configure class="org.eclipse.jetty.webapp.WebAppContext"> <Get name="sessionHandler"> <Get name="sessionManager"> <Get name="sessionCookieConfig"> <Set name="secure" type="boolean">true</Set> </Get> </Get> </Get> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <!-- Required minimal context configuration : --> <!-- + contextPath --> <!-- + war OR resourceBase --> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <Set name="contextPath">/report</Set> <Set name="war"><SystemProperty name="webapp.dir" />/report/</Set> <Set name="tempDirectory">/var/poseur/work_files/report_<SystemProperty name="jetty.port" /></Set> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <!-- Optional context configuration --> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <Set name="extractWAR">false</Set> <Set name="copyWebDir">false</Set> <Get name="sessionHandler"> <Get name="sessionManager"> <Set name="httpOnly" type="boolean">true</Set> </Get> </Get> </Configure> On Thu, Feb 13, 2014 at 6:55 PM, Joakim Erdfelt <[email protected]> wrote: > Also, what is the DTD declaration of those XML files? (yes, its important) > > -- > Joakim Erdfelt <[email protected]> > webtide.com <http://www.webtide.com/> - intalio.com/jetty > Expert advice, services and support from from the Jetty & CometD experts > eclipse.org/jetty - cometd.org > > > On Thu, Feb 13, 2014 at 4:54 PM, Joakim Erdfelt <[email protected]>wrote: > >> There's not enough information to answer your original question. >> Where are you attempting to do this? >> The server side? the deployment side? the webapp side? or something else? >> >> -- >> Joakim Erdfelt <[email protected]> >> webtide.com <http://www.webtide.com/> - intalio.com/jetty >> Expert advice, services and support from from the Jetty & CometD experts >> eclipse.org/jetty - cometd.org >> >> >> On Thu, Feb 13, 2014 at 4:51 PM, Tom Vaughan <[email protected]>wrote: >> >>> Thanks for the prompt reply; because of the way our upgrade/deployment >>> process works it's going to be easier for me to change the jetty-side >>> configuration than to change the application web.xmls >>> >>> Did the configuration I pasted in the original email look right? >>> >>> >>> On Thu, Feb 13, 2014 at 6:49 PM, Joakim Erdfelt <[email protected]>wrote: >>> >>>> Jetty 8.x is Servlet 3.0, its easier to use the standard location in >>>> the WEB-INF/web.xml of your webapp. >>>> >>>> <session-config> >>>> <cookie-config> >>>> <secure>true</secure> >>>> </cookie-config> >>>> </session-config> >>>> >>>> >>>> -- >>>> Joakim Erdfelt <[email protected]> >>>> webtide.com <http://www.webtide.com/> - intalio.com/jetty >>>> Expert advice, services and support from from the Jetty & CometD >>>> experts >>>> eclipse.org/jetty - cometd.org >>>> >>>> >>>> On Thu, Feb 13, 2014 at 4:37 PM, Tom Vaughan <[email protected]>wrote: >>>> >>>>> Hi - >>>>> >>>>> I'm upgrading from jetty 6.1.22 to 8.1.8 and I've notice that the >>>>> configuration for setting cookies to be secure has moved under a layer of >>>>> indirection. I'm having trouble configuring it and I'm hoping someone on >>>>> this list can clue me in to what I'm doing wrong. >>>>> >>>>> Basically, in 6.1.22 I could do this: >>>>> >>>>> <Get name="sessionHandler"> >>>>> <Get name="sessionManager"> >>>>> <Set name="secureCookies">true</Set> >>>>> </Get> >>>>> </Get> >>>>> >>>>> In 8.1.8 it looks like the code path should be: >>>>> >>>>> >>>>> WebAppContext.getSessionHandler().getSessionManager().getSessionCookieConfig().setSecure(true); >>>>> >>>>> Seems straight forward enough. >>>>> >>>>> So here's my new context configuration: >>>>> >>>>> <Configure class="org.eclipse.jetty.webapp.WebAppContext"> >>>>> <Get name="sessionHandler"> >>>>> <Get name="sessionManager"> >>>>> <Get name="sessionCookieConfig"> >>>>> <Set name="secure" type="boolean">true</Set> >>>>> </Get> >>>>> </Get> >>>>> </Get> >>>>> >>>>> But when I start jetty, the context dies with this error in the logs: >>>>> oejx.XmlConfiguration:Config error at true >>>>> java.lang.NoSuchMethodException: class >>>>> org.eclipse.jetty.server.session.AbstractSessionManager$2.setSecure(boolean) >>>>> >>>>> >>>>> Why is it trying to call setSecure on the sessionManager instead of >>>>> the sessionManager's sessionCookieConfig? >>>>> >>>>> Any thoughts? >>>>> >>>>> Thanks in advance! >>>>> Tom >>>>> >>>>> >>>>> P.S. this is an x-post of a stack overflow question, so if you want >>>>> some karma, you can answer over there: >>>>> http://stackoverflow.com/questions/21763824/setting-secure-cookies-on-jetty-6-8-upgrade >>>>> >>>>> _______________________________________________ >>>>> jetty-users mailing list >>>>> [email protected] >>>>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> jetty-users mailing list >>>> [email protected] >>>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>>> >>>> >>> >>> _______________________________________________ >>> jetty-users mailing list >>> [email protected] >>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>> >>> >> > > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
