---- josef_a <[EMAIL PROTECTED]> schrieb: > i try to setup myfaces to use only secure cookies (cookies wich are only > sent by https). > Does anybody know, how to manage this?
I've never heard of "secure cookies". Cookies are sent from client to server as part of an http (or https) request. Cookies are sent back from server to client embedded in the response. So if the webapp is entirely accessed via https, then the cookies will be encrypted. If the webapp is accessed via http then they will not. In any case, this has nothing to do with MyFaces. The only cookie MyFaces ever uses is the standard http session cookie, and that's a webapp-level issue rather than a JSF library issue. So you need to read about how to configure a WEBAPP with https. Regards, Simon
