Hi All,
This problem is regarding cookie security over SSL(https). We are running a
J2EE webapplication, our motive is to get the cookie's isSecure flag set
to true. We tried researching around the resin config settings for this but
no luck. Details of the approach we tried and the issue faced
Why aren't you creating the cookies with setSecure(true) in the first place?
If you have tons of legacy code that sets cookies, why not create a
Filter that wraps HttpServletResponse (there is a convenient
HttpServletResponseWrapper for this), intercepts the addCookie()
method calls, and calls
