RE: setting secure cookie in Tomcat 5.0 config

2007-10-05 Thread Biagi, Bill (Contractor)
ailto:[EMAIL PROTECTED] Sent: Friday, October 05, 2007 6:47 AM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config In that case - this should do the trick: http://tomcat.apache.org/tomcat-6.0-doc/config/http.html -Tim Biagi, Bill (Contractor) wrote: > The thing

Re: setting secure cookie in Tomcat 5.0 config

2007-10-05 Thread Tim Funk
omcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config Not really. The reason is its rather nonsensical for any webserver to set a cookie as secure when the request is not secure. -Tim Biagi, Bill (Contractor) wrote: I've got a set of Cisco load balancers doing the SSL

RE: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Biagi, Bill (Contractor)
share or use them without Fannie Mae's approval. If received in error, contact the sender and delete them. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, October 04, 2007 2:13 PM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config

RE: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Biagi, Bill (Contractor)
error, contact the sender and delete them. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, October 04, 2007 2:13 PM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config Not really. The reason is its rather nonsensical for any webserv

Re: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Tim Funk
sender and delete them. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, October 04, 2007 1:38 PM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config You'll need to install fiddler to sniff when the cookie is being set. If the req

RE: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Caldarale, Charles R
> From: Biagi, Bill (Contractor) [mailto:[EMAIL PROTECTED] > Subject: RE: setting secure cookie in Tomcat 5.0 config > > I've got a set of Cisco load balancers doing the SSL so > Tomcat does not know that these sessions are SSL. > > Is there any way to force To

RE: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Biagi, Bill (Contractor)
Do not share or use them without Fannie Mae's > approval. If received in error, contact the sender and delete them. > > > -Original Message- > From: Tim Funk [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 04, 2007 1:14 PM > To: Tomcat Users List > Subje

Re: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Tim Funk
ontact the sender and delete them. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, October 04, 2007 1:14 PM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config If you are talking about the JSESSIONID cookie - if the session is created

RE: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Biagi, Bill (Contractor)
them. -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Thursday, October 04, 2007 1:14 PM To: Tomcat Users List Subject: Re: setting secure cookie in Tomcat 5.0 config If you are talking about the JSESSIONID cookie - if the session is created while your are using SSL - the s

Re: setting secure cookie in Tomcat 5.0 config

2007-10-04 Thread Tim Funk
If you are talking about the JSESSIONID cookie - if the session is created while your are using SSL - the secure flag is set for you. Nothing to configure. -Tim Biagi, Bill (Contractor) wrote: How do you set Tomcat 5.0 to use secure cookies on an SSL session. Back in 3.3 it was an attribute