Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

how to secure jsessionid cookie in tomcat 7 using environment variables

Tags:

This is a different question related to securing JSESSIONID cookie in tomcat 7.

I am using a cloud server where we dont have access to tomcat server.xml but can set environment variables and tomcat system variables.

I need to change below setting:

   <Connector port=" ...  />

And add secure="true" attribute using environment properties only. Is there any tomcat environment which I can set. For example we have a tomcat environment variable:

  `logging.dir=/logs/tomcatlogs`

I am using dynamic web module version 2.4 and java 7.

like image 975
Amit Mahajan Avatar asked Aug 11 '17 20:08

Amit Mahajan


1 Answers

Unfortunately (for your pursposes) this setting is per connector, and will affect all applications on that connector. There is no way to set this except at the connector level.

If you truly want to affect only some applications deployed to the server, you could ask the server admins to define a new connector (would require a different port) and just set that one, but that still requires admin intervention, which it sounds like you were trying to avoid.

like image 69
Daniel Avatar answered Oct 11 '22 13:10

Daniel