Hi,

I'm developing a JSF 2.3 application with PrimeFaces 7.01, deploying on a WildFly 14 application server. Because of security requirements I have to set the "SameSite=Strict" attribute to the http session cookie.

I tried to set the attribute programmatically following this StackOverflow thread: java - How to set SameSite attribute? - Stack Overflow

But as it turns out, the session cookie is obviously overwritten by the container.

Is there a possibility to configure the attribute in the wildfly configuration?

Kindest Regards

Thomas