Secure flag missing

Document ID:  TEC1853768
Last Modified Date:  07/11/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA API Developer Portal

Releases

  • CA API Developer Portal:Release:3.5

Components

  • API PORTAL:APIPRD
Introduction:

Secure flag is missing on session cookie

Instructions:

1. Service apiportal stop

2. Edit the file server/conf/server.xml


Add secure="true" attribute to <Connector port="37080">


Example:
<Connector port="37080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="50443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
compression="on"
compressableMimeType="text/plain,text/html,text/xml,text/css,text/javascript,application/x-javascript,application/javascript"
secure="true"
/>


useHttpOnly="true" is safe to use for all installations while secure="true" should only be used if the SSL is being used exclusively.

3. Service apiportal start

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >