My Oracle Support Banner

How To Set Up Secure Cookie On WebLogic Server for Hyperion Products (Doc ID 1569358.1)

Last updated on JUNE 17, 2021

Applies to:

Hyperion Financial Management - Version and later
Hyperion Analytic Provider Services - Version and later
Hyperion Foundation Services (including Smartview for Office Toolkit) - Version [1900] and later
Hyperion Essbase Administration Services - Version and later
Hyperion Financial Reporting - Version and later
Information in this document applies to any platform.
December 22,2014


A common Web security problem is session stealing. This happens when an attacker manages to get a copy of your session cookie, generally while the cookie is being transmitted over the network. This can only happen when the data is being sent in clear-text; that is, the cookie is not encrypted.

EPM System web application sets a cookie to track the session. While setting a cookie, especially a session cookie, the server can set the secure flag, which forces the browser to send the cookie over a secure channel. This behavior reduces the risk of session hijacking.

Secure cookies are available only if EPM System products are deployed in an SSL-enabled environment. 


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Essbase - APS
 Essbase - EAS
 Hyperion Financial Management (HFM)
 Financial Reporting (FR)

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.