JSESSIONID cookie without Secure flag

Modified on: Thu, 23 Jan, 2020 at 5:11 AM

Operations Automation Operations Automation:7.0 Operations Automation:7.x

Symptoms

Cookie JSESSIONID does not have Secure flag when Control Panel is accessed via HTTPS.

Cause

This is caused by software-related issue #POA-110508.

Resolution

This issue will be resolved in one of the future product updates. Contact your Technical Account Manager or Pooled Technical Associate Team (pta@odin.com) in order to trace the current status of #POA-110508.

Workaround:

Add the following line into .htaccess file of the brand:
```
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
```
Restart Apache on the branding node:
```
service httpd restart
```

Internal content

Did you find it helpful? Yes No