Got it. Thanks, guys.
2012/12/4 Konstantin Kolinko knst.koli...@gmail.com
2012/12/4 techienote@gmail.com:
Hi Zhi,
You can set following parameters in web.xml of application.
session-config
cookie-config
http-onlytrue/http-only
securetrue/secure
/cookie-config
Sorry, I don't find any doc to introduce this. There are a lot of docs to
show how to implement the feature in conf/context.xml.
Context useHttpOnly=true
...
/Context
Who can tell me how to implement the feature in application level?
For example, I have 2 applications in the Tomcat server. One