I wonder if it is possible, through UCM or Weblogic configurations, to automatically create the JSESSIONID cookie used when a user is logged on with the secure flag?
I have not found any parameters so far that could allow this.
Thanks in advance!
What's your use case for this? are you talking about a regular user-browser session or something like a remote integration where you want to execute authenticated POST-based REST instead of web service calls?
Ryan Sullivan | ECMconsultant
We have public Websites running on UCM/SiteStudio which are only accessible through SSL by visitors. The aim is that every cookies should be secure to be sure that they are not transmitted in plain text to our server.
We thus would like to find a way to put the secure flag on JSESSIONID to avoid any case of session hijacking.