Hello

We use JBoss 4.0.3SP1 for web applications. I'm wondering what I can do to set session cookies going out to be secure and httpOnly. As a newbie in JBoss, I'd truly appreciate any helps/hints you may have.

Yoshita