CDV ❯ -Dcom.tc.session.cookie.secure=false does not work as expected

• Type: Bug
• Status: Closed
• Priority: 2 Major
• Resolution: Fixed
• Component/s:
• Labels:

• Assignee: hhuynh
• Reporter: teck
• Created: June 07, 2010
• Votes: 0
• Watchers: 0
• Updated:

  July 27, 2012
• Resolved:

  November 16, 2010

Description

If one sets that tc.property I would expect it force session cookies to never be set “secure”. Unfortunately only specifying true there will have any effect. The code really needs to handle 3 cases:

1) no property specified – default to cookie secure to request.isSecure() 2) property is set to true – cookie is always secure 3) property is set to false – cookie is NEVER secure

Case (3) is currently the only thing broken

Comments

Hung Huynh 2010-11-16

The jira said fix in “3.3 and trunk” but I’m not sure if that is still applied here. Fix currently in trunk only.