Setting "secure" and "httponly" Attribute Values For Session Cookies Generated By Single Sign-On (OAM/SSO) 11g Products
(Doc ID 1459084.1)
Last updated on OCTOBER 20, 2020
Oracle Fusion Middleware - Version 22.214.171.124.0 and later Oracle Application Server Single Sign-On - Version 10.1.4.0.1 and later Oracle Access Manager - Version 126.96.36.199.0 and later Information in this document applies to any platform.
The purpose of this note is to discuss the setting of cookie attributes that affect the security of cookies.
The scope of this document is limited to the setting of the "secure" and "httponly" attributes of session cookies for Fusion Middleware 11g solutions.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!