• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

can we set cookies “secure” and “httpOnly” at JVM level

onisha jain
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I know that for servlet 3.0 complaint apps we can set these properties at web.xml level.

For servlet 2.5 or less, we can make these changes at server level(I am using IBM websphere 6.1).

I heard somewhere that we can also make these settings at JVM level.

I have following questions :

1) Is it possible to set these cookie attributes at JVM level.

2) Even if we set it, can there be any impacts on application.

3) Lets say that my application is completely using HTTPS, then it might be safe when we use JVM level settings. But suppose I have few other application running on same JVM then in that case will this create any problem for them?

4) Is there any way to do these settings at JVM level for specific applications.

Any help is appreciated.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic