Foros de discusión

  1. Inicio
  2. Development
  3. How to use <http-only> and <secure> tag are supported in Liferay

How to use <http-only> and <secure> tag are supported in Liferay

Girish kumar, modificado hace 10 años.

How to use <http-only> and <secure> tag are supported in Liferay

Junior Member Mensajes: 26 Fecha de incorporación: 17/06/13 Mensajes recientes
Hi All,

We want to use below tags in web.xml in Jboss server:

<session-config>
<cookie-config>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>

By default Liferay 6120 supports the servlet spec 2.4 but the above tags are not supported in servlet spec 2.4.

Is With Liferay Portal 6.1.20 servelt 3.0 spec compliant because then only would be able to use above tags in web.xml


Env Details:
JBOSS Application Server:JBoss EAP 6.0.1.GA (AS 7.1.3.Final-redhat-4)
Liferay :Liferay Portal 6.1.20 (Paton / Build 6120 / July 31, 2012)


Thanks.
Girish kumar, modificado hace 10 años.

RE: How to use <http-only> and <secure> tag are supported in Liferay

Junior Member Mensajes: 26 Fecha de incorporación: 17/06/13 Mensajes recientes
Hi All,

Anybody is having idea on this query.

Thanks.
thumbnail
Suresh Yadagiri, modificado hace 8 años.

RE: How to use <http-only> and <secure> tag are supported in Liferay

Junior Member Mensajes: 29 Fecha de incorporación: 24/03/14 Mensajes recientes
We have same required. Did you find any solution?
thumbnail
David H Nebinger, modificado hace 8 años.

RE: How to use <http-only> and <secure> tag are supported in Liferay

Liferay Legend Mensajes: 14916 Fecha de incorporación: 2/09/06 Mensajes recientes
No, the web.xml isn't used in portlets really. Whatever settings you have there don't really apply to the portlet.
thumbnail
Naresh Reddy Kallamadi, modificado hace 7 años.

RE: How to use <http-only> and <secure> tag are supported in Liferay

Regular Member Mensajes: 120 Fecha de incorporación: 9/07/14 Mensajes recientes
RE: How to use <http-only> and <secure> tag are supported in Liferay
thumbnail
Jorge Díaz, modificado hace 7 años.

RE: How to use <http-only> and <secure> tag are supported in Liferay

Liferay Master Mensajes: 753 Fecha de incorporación: 9/01/14 Mensajes recientes
"HttpOnly" is activated by default since Liferay 7. See LPS-61285

For Liferay 6.2 you have to manually modify the web.xml file inside ROOT/WEB-INF and configure the session-config see Liferay 7 code: https://github.com/brianchandotcom/liferay-portal/pull/34327/files