16.8 Enabling Secure or HTTPOnly Flags for Cluster Cookies

By default, IDP and ESP cluster cookies are issued without the Secure or HTTPOnly flags.

To set these flags on the IDP cluster cookies, add the following parameters to the NIDP web.xml, below the ldapLoadThreshold context param, and then restart Tomcat:

<context-param>
    <param-name>secureClusterCookie</param-name>
    <param-value>true</param-value>
</context-param>
<context-param>
    <param-name>httponlyClusterCookie</param-name>
    <param-value>true</param-value>
</context-param>

To set the HTTPOnly flag on the ESP cluster cookies, add the following parameter to the NESP web.xml, below the ldapLoadThreshold context param, and then restart Tomcat:

<context-param>
    <param-name>httponlyClusterCookie</param-name>
    <param-value>true</param-value>
</context-param>

NOTE: Secure cookies cannot be configured for the ESP cluster because the communication between the Access Gateway and NESP is over HTTP on the loopback interface.
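
To confirm that the parameters described above are present after editing, the following added example (not part of the product or its documentation) parses a web.xml and reports any cluster cookie flag that is missing or not set to true. The function names, the sample file content, its namespace and the ldapLoadThreshold value are constructed for illustration, and the exact match on the string true is an assumption.

```python
import xml.etree.ElementTree as ET

# Parameters each component should carry, per the section above.
# ESP has no secureClusterCookie: Access Gateway reaches NESP over HTTP on loopback.
EXPECTED = {
    "idp": ("secureClusterCookie", "httponlyClusterCookie"),
    "esp": ("httponlyClusterCookie",),
}


def _local(tag):
    """Strip an XML namespace so namespaced and plain web.xml files both match."""
    return tag.rsplit("}", 1)[-1]


def context_params(web_xml_text):
    """Return {param-name: param-value} for every <context-param> in web.xml."""
    params = {}
    for elem in ET.fromstring(web_xml_text).iter():
        if _local(elem.tag) != "context-param":
            continue
        fields = {_local(c.tag): (c.text or "").strip() for c in elem}
        if "param-name" in fields:
            params[fields["param-name"]] = fields.get("param-value", "")
    return params


def audit(web_xml_text, component):
    """List findings for 'idp' or 'esp'; an empty list means the flags are enabled."""
    params = context_params(web_xml_text)
    findings = []
    for name in EXPECTED[component]:
        if name not in params:
            findings.append(f"{name}: missing (cookie flag stays off by default)")
        elif params[name] != "true":  # assumption: only the literal 'true' counts
            findings.append(f"{name}: set to {params[name]!r}, expected 'true'")
    if component == "esp" and params.get("secureClusterCookie") == "true":
        findings.append("secureClusterCookie: cannot be configured for the ESP cluster")
    return findings


# Constructed sample: an IDP web.xml where only one of the two parameters was added.
SAMPLE_IDP = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <context-param><param-name>ldapLoadThreshold</param-name><param-value>3</param-value></context-param>
  <context-param><param-name>httponlyClusterCookie</param-name><param-value>true</param-value></context-param>
</web-app>"""
```

Calling audit() with the real file's contents and "idp" or "esp" before restarting Tomcat catches a misplaced or misspelled parameter that would otherwise leave the flag off.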