Example usage for javax.servlet SessionCookieConfig setHttpOnly

List of usage examples for javax.servlet SessionCookieConfig setHttpOnly

  1. HOME
  2. Java
  3. javax
  4. javax.servlet.*
  5. SessionCookieConfig
  6. setHttpOnly

Introduction

In this page you can find the example usage for javax.servlet SessionCookieConfig setHttpOnly.

Prototype

public void setHttpOnly(boolean httpOnly);

Source Link

Document

Marks or unmarks the session tracking cookies created on behalf of the application represented by the <tt>ServletContext</tt> from which this <tt>SessionCookieConfig</tt> was acquired as <i>HttpOnly</i>.

Usage

From source file:alfio.config.Initializer.java

private void configureSessionCookie(ServletContext servletContext) {
    SessionCookieConfig config = servletContext.getSessionCookieConfig();

    config.setHttpOnly(true);

    Validate.notNull(environment, "environment cannot be null!");
    // set secure cookie only if current environment doesn't strictly need HTTP
    config.setSecure(!environment.acceptsProfiles(PROFILE_HTTP));
    ////ww  w  .java2s . co m

    // FIXME and CHECKME what a mess, ouch: https://issues.jboss.org/browse/WFLY-3448 ?
    config.setPath(servletContext.getContextPath() + "/");
    //
}

From source file:com.techlooper.config.web.DispatcherServletInitializer.java

public void onStartup(ServletContext servletContext) throws ServletException {
    super.onStartup(servletContext);
    SessionCookieConfig sessionCookieConfig = servletContext.getSessionCookieConfig();
    sessionCookieConfig.setMaxAge(SessionListener.MAX_INACTIVE_INTERVAL);
    sessionCookieConfig.setHttpOnly(true);
    servletContext.addListener(new SessionListener());
}

From source file:com.thoughtworks.go.server.Jetty9Server.java

@Override
public void setSessionConfig() {
    SessionHandler sessionHandler = webAppContext.getSessionHandler();
    SessionCookieConfig sessionCookieConfig = sessionHandler.getSessionCookieConfig();
    sessionCookieConfig.setHttpOnly(true);
    sessionCookieConfig.setSecure(systemEnvironment.isSessionCookieSecure());
    sessionCookieConfig.setMaxAge(systemEnvironment.sessionCookieMaxAgeInSeconds());
    sessionHandler.setMaxInactiveInterval(systemEnvironment.sessionTimeoutInSeconds());
}

From source file:org.cloudfoundry.identity.uaa.web.UaaSessionCookieConfig.java

@Override
public void setServletContext(ServletContext servletContext) {
    logger.debug("Configuring session cookie.");

    try {//ww  w.j a v  a  2s  .  co m
        SessionCookieConfig config = servletContext.getSessionCookieConfig();
        if (hasText(getComment())) {
            logger.debug(String.format("Configuring session cookie - Comment: %s", getComment()));
            config.setComment(getComment());
        }
        if (hasText(getDomain())) {
            logger.debug(String.format("Configuring session cookie - Domain: %s", getDomain()));
            config.setDomain(getDomain());
        }
        if (getMaxAge() > Integer.MIN_VALUE) {
            logger.debug(String.format("Configuring session cookie - MaxAge: %s", getMaxAge()));
            config.setMaxAge(getMaxAge());
        }
        if (getPath() != null) {
            logger.debug(String.format("Configuring session cookie - Path: %s", getPath()));
            config.setPath(getPath());
        }
        logger.debug(String.format("Configuring session cookie - HttpOnly: %s", isHttpOnly()));
        config.setHttpOnly(isHttpOnly());
        logger.debug(String.format("Configuring session cookie - Secure: %s", isSecure()));
        config.setSecure(isSecure());
        if (hasText(getName())) {
            logger.debug(String.format("Configuring session cookie - Name: %s", getName()));
            config.setName(getName());
        }
    } catch (Exception e) {
        logger.error("Ignoring session cookie config - unable to configure UAA session cookie", e);
    }
}