One can check whether a cookie or request is secure by invoking isSecure().
I propose to add the following to interface javax.servlet.http.HttpSession
public boolean isSecure();
This will allow us to check whether a session is created through http or
https.
Any comment?
Shing Wai Chan