Last updated on MARCH 08, 2017
Applies to:COREid Access - Version 10.1.4.3.0 and later
Information in this document applies to any platform.
Oracle Access Manager 10g r3 (OAM 10.1.4.3)
ssocookie:httponly/disablehttponly as set in the authentication scheme setting
OAM 10g: What is the Purpose of the OAM Authentication Scheme Parameter "ssocookie:httponly"
Setting the ssocookie:httponly flag does not cause the obssocookie to refresh immediately leaving it visible to clients if the obssocookie was previously set without httponly
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms