How to activate secure cookies in Wildfly?

java servlets cookies wildfly wildfly-8
gurghet picture gurghet · Jul 1, 2015 · Viewed 14.1k times · Source

I’m trying to add the secure flag to my cookies for a web app in Wildfly (version 8.2). In the documentation page of the servlet container settings you’ll find that the children of the “servlet-container” are:

  1. jsp
  2. persistent-sessions
  3. session-cookie
  4. websockets

However I only have jsp and websockets. How do I access the session-cookie settings? If I can’t, how to I add the secure flag to my cookies?

UPDATE: I can’t access the web.xml files inside the wars, only wildfly configuration files.

Answer

Federico Sierra picture Federico Sierra · Jul 1, 2015

Try following command via jboss-cli:

/subsystem=undertow/servlet-container=default/setting=session-cookie:add(http-only=true,secure=true)

or in your standalone.xml:

<servlet-container name="default">
    <session-cookie http-only="true" secure="true"/>
    <jsp-config/>
</servlet-container>

ref: http://wildscribe.github.io/Wildfly/8.2.0.Final/subsystem/undertow/servlet-container/setting/session-cookie/index.html

Related questions

How do you remove a Cookie in a Java Servlet

How do you remove a cookie in a Java servlet? I tried this: http://www.jguru.com/faq/view.jsp?EID=42225 EDIT: The following now works successfully it appears to be the combination of: response.setContentType("text/html"); and cookie.…

Read More
Best option for Session management in Java

Best way managing session in Java. I heard that cookies are not reliable option for this as they gets stored into browser and can be accessed later on? Is this correct? If possible please come up with the answers with …

Read More
Setting httponly in JSESSIONID cookie (Java EE 5)

I'm trying to set the httponly flag on the JSESSIONID cookie. I'm working in Java EE 5, however, and can't use setHttpOnly(). First I tried to create my own JSESSIONID cookie from within the servlet's doPost() by using response.setHeader(). When …

Read More