> Can you check that it's possible to force the secure flag with an HTTP
> connector? Some load-balancer-based setups need this (although direct
> HTTP connections from a browser will not work, obviously).
I can confirm you that is possible, you just have to add
'secure="true"' in the HTTP connec
* Yann Rouillard:
> Yes it could be seen that way, as we discussed with Emmanuel during the
> Paris BSP today, but in fact it's even better, I checked and there is no
> problem with Tomcat as the Secure flag as it already automatically set
> with the default configuration:
>
> - if Tomcat is ac
Hi Florian,
Yes it could be seen that way, as we discussed with Emmanuel during the
Paris BSP today, but in fact it's even better, I checked and there is no
problem with Tomcat as the Secure flag as it already automatically set
with the default configuration:
- if Tomcat is accessed through th
> There is already an upstream bug for this problem located at this url:
> https://issues.jenkins-ci.org/browse/JENKINS-25019
> with a proposed fix that only adresses the HttpOnly issue for Tomcat.
Why isn't the missing “secure” flag a Tomcat configuration issue?
--
To UNSUBSCRIBE, email to debi
4 matches
Mail list logo
