{"id":1978,"date":"2011-11-23T19:50:59","date_gmt":"2011-11-23T21:50:59","guid":{"rendered":"http:\/\/www.thiagovespa.com.br\/blog\/?p=1978"},"modified":"2025-10-26T22:38:21","modified_gmt":"2025-10-27T01:38:21","slug":"habilitando-cookies-seguros-no-weblogic","status":"publish","type":"post","link":"https:\/\/thiagovespa.com.br\/blog\/2011\/11\/23\/habilitando-cookies-seguros-no-weblogic\/","title":{"rendered":"Habilitando Cookies Seguros no WebLogic"},"content":{"rendered":"

Em requisi\u00e7\u00f5es HTTPS que utilizam cookies \u00e9 importante habilitar a flag SECURE=\"TRUE\" nos cookies. Para realizar isso no WebLogic, \u00e9 necess\u00e1rio adicionar as seguinte linha no weblogic-application.xml<\/p>\n

\n<wls:session-descriptor>\n<wls:cookie-secure>true<\/wls:cookie-secure>\n<\/wls:session-descriptor><\/pre>\n
E garantir que no console do weblogic esteja marcado o seguinte: Domain -> Configuration -> Web Application tab, enable \"Auth Cookie Enabled\"<\/p>\n
Para garantir, abrir o config.xml do weblogic e adicionar\/alterar a tag:<\/p>\n
\n<auth-cookie-enabled>true<\/auth-cookie-enabled>\n<\/pre>\n
Mais informa\u00e7\u00f5es: http:\/\/www.owasp.org\/index.php\/OWASP_AppSec_FAQ#What_are_these_secure_cookies.3F<\/a><\/p>\n