secure and httponly cookies
lucas at slcoding.com
Mon Mar 7 20:00:48 UTC 2016
Without knowing much about webseal (only simple googling), webseal
really seems to be a very custom IBM product that does one thing:
Integrate into Tivoli Access Manager - meaning they've very specific
features (such as single sign-on) etc.
nginx is a general webserver, it doesn't hook into your backend system,
usually you proxy some requests to it, or serve some files.
The only way I can think of, is by using LUA to rewrite the Set-Cookie
headers, but it's not really a nice solution.
krishna at brocade.com wrote:
> Thanks for the response.
> Yes, i understand that. But here they dont create a secure or httponly
> cookie in the backend (webseal/ibm portal).
> Earlier we were using ibm http server (IHS) and were adding these flags in
> the web server itself.
> Now we are trying to replace IHS with nginx but not able to accomplish the
> same here.
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,265137,265140#msg-265140
> nginx mailing list
> nginx at nginx.org
More information about the nginx