What is the exact use of this bellow entry in WAS6.1 server.xml. Can you please tell me why we need this "defaultCookieSettings" and his attribut "secure=false".
defaultCookieSettings xmi:id="Cookie_1282579260990" domain="" maximumAge="-1" secure="false"
<components xmi:type="applicationserver.webcontainer:WebContainer" xmi:id="WebContainer_1282579260990" enableServletCaching="false" disablePooling="false">
<stateManagement xmi:id="StateManageable_1282579260993" initialState="START"/>
<services xmi:type="applicationserver.webcontainer:SessionManager" xmi:id="SessionManager_1282579260990" enable="true" enableUrlRewriting="false" enableCookies="true" enableSSLTracking="false" enableProtocolSwitchRewriting="false" sessionPersistenceMode="NONE" enableSecurityIntegration="false" allowSerializedSessionAccess="false" maxWaitTime="5" accessSessionOnTimeout="true">
<defaultCookieSettings xmi:id="Cookie_128257926开发者_开发知识库0990" domain="" maximumAge="-1" secure="false"/>
<sessionDatabasePersistence xmi:id="SessionDatabasePersistence_1282579260990" datasourceJNDIName="jdbc/Sessions" userId="db2admin" password="{xor}Oz1tPjsyNjE=" db2RowSize="ROW_SIZE_4KB" tableSpaceName=""/>
<tuningParams xmi:id="TuningParams_1282579260990" usingMultiRowSchema="false" maxInMemorySessionCount="1000" allowOverflow="true" scheduleInvalidation="false" writeFrequency="TIME_BASED_WRITE" writeInterval="10" writeContents="ONLY_UPDATED_ATTRIBUTES" invalidationTimeout="30">
<invalidationSchedule xmi:id="InvalidationSchedule_1282579260990" firstHour="14" secondHour="2"/>
</tuningParams>
</services>
</components>
If I change into from secure="true" then what will be the impact
The setting will specify that the session cookies include the secure field. Enabling the feature restricts the exchange of cookies to HTTPS sessions only.
精彩评论