On 30/11/17 08:25, Naga Ramesh wrote:
> I have tried this way (secure="true") also, but application is working fine
> but we are unable to login the application & getting the oops session
> expired error message, so I have reverted this parameter.
OK. For this to work you need Tomcat to be
session
expired error message, so I have reverted this parameter.
Regards,
Naga Ramesh R
1974
-Original Message-
From: Olaf Kock [mailto:tom...@olafkock.de]
Sent: Thursday, November 30, 2017 1:33 PM
To: users@tomcat.apache.org
Subject: Re: getting some cookie & security related iss
On 30.11.2017 08:52, Naga Ramesh wrote:
User > AWS > Tomcat
(HTTPS)(HTTPS)
User-HTTPS request> AWS-ELB(https-443) re-direct to tomcat connector
port-8080
What is the (expected) path when the user makes an HTTPS request? Is it:
User > AWS >
> AWS > Tomcat
(HTTPS)(HTTPS)
Regards,
Naga Ramesh
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: Thursday, November 30, 2017 1:06 PM
To: Tomcat Users List
Subject: Re: getting some cookie & security related issues.
On
On 30/11/2017 06:53, Naga Ramesh wrote:
> Team,
>
> We are facing some issues on security level testing time, so please
> check the below mentioned issues and suggest me the changes on tomcat
> level ASAP.
>
> 1. *Session Cookie do not contain secure attribute:* for this
> what are