|
|
|
You can specify that session cookies are only sent between a protected web server and the requesting browser over secure (HTTPS) connections using the following parameter:
Sends cookies to web servers using secure (HTTPS) connections. Enable this parameter to increase security between browsers and web servers.
When this setting is enabled, users in single sign-on environments who move from an SSL web server to a non-SSL web server will have to reauthenticate. Secure cookies cannot be passed over traditional HTTP connections.
Default: No
To send cookies over SSL connections, set the UseSecureCookies parameter to yes.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |