0 Replies Latest reply on Apr 25, 2019 4:07 AM by thomas_schindler

    How to set "SameSite=Strict" to a session cookie in WildFly 14 for a JSF 2.3 application




      I'm developing a JSF 2.3 application with PrimeFaces 7.01, deploying on a WildFly 14 application server. Because of security requirements I have to set the "SameSite=Strict" attribute to the http session cookie.


      I tried to set the attribute programmatically following this StackOverflow thread: java - How to set SameSite attribute? - Stack Overflow


      But as it turns out, the session cookie is obviously overwritten by the container.


      Is there a possibility to configure the attribute in the wildfly configuration?


      Kindest Regards