Setting the HttpOnly and secure attributes for the SMCONSOLE_SSID cookie (Tools release 9.2.4.3)
After you update the Server Manager Console to 9.2.4.3, perform the steps in the following sections to set the HttpOnly and secure attributes for the SMCONSOLE_SSID cookie.
Server Manager Console on Weblogic Server
Stop the Server Manager Console.
Update the weblogic.xml file and uncomment the following lines:
<wls:cookie-secure>true</wls:cookie-secure><wls:cookie-http-only>true</wls:cookie-http-only>Start the Server Manager Console.
After the Server Manager Console starts up, log in to the Server Manager Console over HTTPS or SSL to complete the configuration.
To confirm that the HttpOnly and secure attributes are set for the SMCONSOLE_SSID cookie, use the Browser Debugging tool and ensure that the attributes of this cookie are the same as the attributes shown in the following screenshot:
This completes the configuration.
Server Manager Console on the WebSphere Server
Log in to the WebSphere Admin Console profile in which the Server Manager Console is installed.
Navigate to the J2EE container in which the Server Manager Console is running.
In the Container Settings section, click the Session Management link.
In the General Properties section, select the Enable Cookies option.
Verify that the settings are configured as illustrated in the following screenshot:
Navigate back to the J2EE container in which the Server Manager Console is running and expand the Ports option and note down the port number for the WC_defaulthost_secure name.
This completes the configuration.
Navigate to Virtual Hosts, select default_host, add the port number that you noted in Step 6 for WC_defaulthost_secure, and click Save.
Restart the Server Manager Console and access the console over the WC_defaulthost_secure port.
To confirm that the HttpOnly and secure attributes are set for the SMCONSOLE_SSID cookie, use the Browser Debugging tool and ensure that the attributes of this cookie are as same as the attributes shown in the following screenshot:
