Cookie settings
Use this page to configure cookie settings for session management.
To view this administrative console page, click Servers > Application
Servers > server_name > Web Container > Session Management > Enable
Cookies.
Configuration tab
-
Cookie name
- Specifies a unique name for the session management cookie. The
servlet specification requires the name JSESSIONID. However, for flexibility
this value can be configured.
-
Secure cookies
- Specifies that the session cookies include the secure field. Enabling
the feature restricts the exchange of cookies to HTTPS sessions only.
-
Cookie domain
- Specifies the domain field of a session tracking cookie. This value
controls whether or not a browser sends a cookie to particular servers. For
example, if you specify a particular domain, session cookies are sent to hosts
in that domain. The default domain is the server.
-
Cookie path
- Specifies that a cookie is sent to the URL designated in the path.
Specify any string representing a path on the server. "/" indicates root directory.
Specify a value to restrict the paths to which the cookie will be sent.
By restricting paths, you prevent the cookie from going to certain URLs on
the server. If you specify the root directory, the cookie is sent no matter
which path on the given server is accessed.
-
Cookie maximum age
- Specifies the amount of time that the cookie lives on the client
browser. Specify that the cookie lives only as long as the current browser
session, or to a maximum age. If you choose the maximum age option, specify
the age in seconds. This value corresponds to the Time to Live (TTL) value
described in the Cookie specification.
Default is the current browser session which is equivalent to setting the
value to -1.