Here's a starting point for you: https://www.eclipse.org/jetty/documentation/9.4.5.v20170502/configuring-specific-webapp-deployment.html
Make sure the xml file you put in $jetty.base/webapps is called the same as your war: for example if your war is called "foo.war" call the xml file "foo.xml" so the deployer knows they're related. In it, you can call any of the getters and setters on the org.eclipse.jetty.webapp.WebAppContext: the method you want to look at is "setDefaultsDescriptor(String location)": https://github.com/eclipse/jetty.project/blob/jetty-9.4.x/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java#L1105 To put it in xml do: <Set name="defaultsDescriptor"><Property name="jetty.base" default="."/>/etc/webdefault.xml</Set> Jan On 18 May 2017 at 14:49, Hoffman, Richard D. < [email protected]> wrote: > No. How should I do that? > > > Richard Hoffman, PhD > Software Developer, Principal > U.S. Army Research Laboratory > Contractor, Secure Mission Solutions, a Parsons Company > Phone: 410-306-4906 <(410)%20306-4906> > [email protected] > [email protected] > ------------------------------ > *From:* [email protected] <[email protected]> > on behalf of Jan Bartel <[email protected]> > *Sent:* Thursday, May 18, 2017 3:29 AM > *To:* JETTY user mailing list > *Subject:* Re: [jetty-users] Jetty 9.4.5 HttpOnly. > > Actually don't bother following my suggestion, I've checked the code and I > can't reproduce the problem at all. Are you sure you've told your webapp > to use $jetty.base/etc/webdefault.xml as its defaultsdescriptor? > > Jan > > On 18 May 2017 at 09:02, Jan Bartel <[email protected]> wrote: > >> Have you tried specifying <name>JSESSIONID</name> or whatever the name of >> the cookie is that you want to use inside the <cookie-config>? Let me know >> if that works, I'll see if we're not defaulting it to JSESSIONID if not >> supplied. >> >> Jan >> >> On 18 May 2017 at 01:07, Lord Buddha <[email protected]> wrote: >> >>> Is it/should it possible to use jetty.base/etc/webdefault.xml to default >>> the setting of HttpOnly to true for the session cookie. >>> >>> Have tried >>> >>> <session-config> >>> <session-timeout>30</session-timeout> >>> <cookie-config> >>> <http-only>true</http-only> >>> </cookie-config> >>> </session-config> >>> >>> and >>> >>> <session-config> >>> <session-timeout>30</session-timeout> >>> <http-only>true</http-only> >>> </session-config> >>> >>> or is there some other alternate besides doing in the apps web.xml ? >>> >>> /David >>> >>> _______________________________________________ >>> jetty-users mailing list >>> [email protected] >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>> >> >> >> >> -- >> Jan Bartel <[email protected]> >> www.webtide.com >> *Expert assistance from the creators of Jetty and CometD* >> >> > > > -- > Jan Bartel <[email protected]> > www.webtide.com > *Expert assistance from the creators of Jetty and CometD* > > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users > -- Jan Bartel <[email protected]> www.webtide.com *Expert assistance from the creators of Jetty and CometD*
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
