By default, Talend Administration Center does not set the Secure attribute on the session cookie because Talend Administration Center might not be deployed over TLS. However, in production Talend Administration Center should be deployed over TLS and include the Secure attribute. This can be configured at the Tomcat level.
- Stop your Tomcat server.
Open the following file:
Add the following lines to the session-config section:
<cookie-config> <http-only>true</http-only> <secure>true</secure> </cookie-config>
- Save your changes and restart your Tomcat server.