To enable an applet to read the JSESSIONID from the Page DOM, I need to be
able to set the HTTPOnly flag to false for (ideally all) cookies. Now, I know
I can set this in the web.xml, but I would like to be able to set this in
Glassfish 3.1 somewhere, as this attribute is not supported in Glassfish
2.1.1 (to the best of my knowledge), and we would like to be able to keep the
application compatible with both, at least until we have completed the move
to Glassfish 3.1.
Is this possible? Alternatively, is there a better way for the Applet to send
the cookies across? As the operations it is performing require the user to be
logged in, it's pretty much essential that it include the JSESSIONID when it
makes request back to the server.
--
[Message sent by forum member 'ipsi']
View Post: http://forums.java.net/node/802609