2

WAS6.1 server.xml 中此波纹管条目的确切用途是什么。你能告诉我为什么我们需要这个“defaultCookieSettings”和他的属性“secure=false”。

defaultCookieSettings xmi:id="Cookie_1282579260990" domain="" maximumAge="-1" secure="false"

 <components xmi:type="applicationserver.webcontainer:WebContainer" xmi:id="WebContainer_1282579260990" enableServletCaching="false" disablePooling="false">
      <stateManagement xmi:id="StateManageable_1282579260993" initialState="START"/>
      <services xmi:type="applicationserver.webcontainer:SessionManager" xmi:id="SessionManager_1282579260990" enable="true" enableUrlRewriting="false" enableCookies="true" enableSSLTracking="false" enableProtocolSwitchRewriting="false" sessionPersistenceMode="NONE" enableSecurityIntegration="false" allowSerializedSessionAccess="false" maxWaitTime="5" accessSessionOnTimeout="true">
        <defaultCookieSettings xmi:id="Cookie_1282579260990" domain="" maximumAge="-1" secure="false"/>
        <sessionDatabasePersistence xmi:id="SessionDatabasePersistence_1282579260990" datasourceJNDIName="jdbc/Sessions" userId="db2admin" password="{xor}Oz1tPjsyNjE=" db2RowSize="ROW_SIZE_4KB" tableSpaceName=""/>
        <tuningParams xmi:id="TuningParams_1282579260990" usingMultiRowSchema="false" maxInMemorySessionCount="1000" allowOverflow="true" scheduleInvalidation="false" writeFrequency="TIME_BASED_WRITE" writeInterval="10" writeContents="ONLY_UPDATED_ATTRIBUTES" invalidationTimeout="30">
          <invalidationSchedule xmi:id="InvalidationSchedule_1282579260990" firstHour="14" secondHour="2"/>
        </tuningParams>
      </services>
    </components>

如果我更改为 from secure="true" 那么会有什么影响

4

1 回答 1

2

该设置将指定会话 cookie 包含安全字段。启用该功能会将 cookie 的交换限制为仅 HTTPS 会话。

于 2011-02-05T13:17:16.260 回答