You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2019/12/02 15:14:00 UTC
[jira] [Commented] (GEODE-7438) Session cookie set does not reflect
the context's SessionCookieConfig
[ https://issues.apache.org/jira/browse/GEODE-7438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16986123#comment-16986123 ]
ASF subversion and git services commented on GEODE-7438:
--------------------------------------------------------
Commit e5d07a33cc6a68a0c68b2ea9eabbb8713def9e14 in geode's branch refs/heads/develop from thefire
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=e5d07a3 ]
GEODE-7438: Honor isHttpOnly and isSecure from the SessionCookieConfig in the ServletContext. (#4311)
> Session cookie set does not reflect the context's SessionCookieConfig
> ---------------------------------------------------------------------
>
> Key: GEODE-7438
> URL: https://issues.apache.org/jira/browse/GEODE-7438
> Project: Geode
> Issue Type: Bug
> Components: http session
> Reporter: Charles Smith
> Priority: Major
> Labels: docs
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The session cookie set and used by the HTTP Session module for AppServers should honor the httponly and secure settings of the ServetContext's SessionCookieConfig.
> Currently the cookie created in the SessionCachingFilter.addSessionCookie method does not use any settings from the SessionCookieConfig but it could easily do so.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)