Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Configuring Digitally signed cookie in WAS 6.1

Roshini Sridharan
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I work on web application that's built on Struts framework and deployed in Websphere Application Server 6.1 [ND].

There's a requirement to exchange digitally signed cookie between the browser to server access.. Would like to know if we could configure the WAS to exchange digitally signed / hashed cookie or is to be done via the Java code by implementing some Servlet filters.. ?

Find that the we can configure Secure cookies -- Enabling the feature restricts the exchange of cookies to HTTPS sessions only. [ i understand that the cookie is encrypted and sent over the secure layer (SSL) ]. Does it include a digital signature when using secure cookies.. ?

Request some insights on the understanding and ideas on how this can be implemented.

Roshini S
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic