0

My architect tells me that when using Apache to Front-end WebLogic, WebLogic can't set the Secure flag in the cookies. Why is that?

We are using Apache to create FIPS 140-2 compliant HTTPS connections.

Update: The reason given is that "The cookie is set by WebLogic, not Apache, because it needs to tie back to a WebLogic session." Does WebLogic not support setting the Secure flag?

4

1 回答 1

1

我的建筑师回复了我。

“我的立场是正确的。看来这确实有效。我被引导相信这不能在 Apache 中完成,因为 Apache 是 SSL 端点,而不是 cookie 的创建者。然而,这实际上是有道理的可以做到。”

于 2013-11-22T14:20:01.257 回答