Hi Robert,
Stripes will not control the settings of the session cookie issued by the container. If you are using Servlet 3.0, you can use a <session-config><cookie-config> elementsin your web.xml to set both HttpOnly and Secure. If you are using a Servlet version less than 3.0, then you will need to probably check your container's documentation. Most of the containers have server configuration parameters which allow for the session cookies to be set as HttpOnly and Secure.
Thanks.
-- Rick
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
http://sdm.link/slashdot_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users