Skip to main content Skip to complementary content

Setting Secure attribute on session cookie

By default, Talend Administration Center does not set the Secure attribute on the session cookie because Talend Administration Center might not be deployed over TLS. However, in production Talend Administration Center should be deployed over TLS and include the Secure attribute. This can be configured at the Tomcat level.

Procedure

  1. Stop your Tomcat server.
  2. Open the following file:
    <TomcatPath>/conf/web.xml
  3. Add the following lines to the session-config section: 
    <cookie-config>
    <http-only>true</http-only>
    <secure>true</secure>
</cookie-config>
  4. Save your changes and restart your Tomcat server.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here