Setting Secure attribute on session cookie

By default, Talend Administration Center does not set the Secure attribute on the session cookie because Talend Administration Center might not be deployed over TLS. However, in production Talend Administration Center should be deployed over TLS and include the Secure attribute. This can be configured at the Tomcat level.

Procedure

Stop your Tomcat server.
Open the following file:
<TomcatPath>\conf\web.xml

Add the following lines to the session-config section:

<cookie-config>
    <http-only>true</http-only>
    <secure>true</secure>
</cookie-config>

Save your changes and restart your Tomcat server.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here