<div>
<div class="content wysiwyg-content">
We provide a web application as a product. It is important that the &quot;secure&quot; and &quot;httpOnly&quot; flags be enabled for cookies but we have no control over this - rather it is the customer's IT.<br />
<br />
We do not handle the cookies in our web app - the web server does and it can be any (Tomcat/Weblogic/Websphere<wbr />)<br />
<br />
Is there a way in Java that our web application can check if the web server was configured for &quot;secure&quot; and &quot;httpOnly&quot;?<br />
That way we can inform the admin that the web server is not securely configured.
</div>
</div>


We provide a web application as a product. It is important that the "secure" and "httpOnly" flags be enabled for cookies but we have no control over this - rather it is the customer's IT.

We do not handle the cookies in our web app - the web server does and it can be any (Tomcat/Weblogic/Websphere)

Is there a way in Java that our web application can check if the web server was configured for "secure" and "httpOnly"?
That way we can inform the admin that the web server is not securely configured.

How can I tell from a java web application that the &quot;secure&quot; and 'httponly&quot; flags for cookies were enabled at the level of the web server (Tomcat/Websphere/Weblogic)?

Web applications are systems that run in browsers that perform functions normally associated with other client-based programs. One of the most commonly used web applications is email; instead of downloading individual emails to a local machine, the data is shown through a website. Other examples of web applications are collaborative systems like a wiki or an online game.

Web Applications

Web development includes all aspects of presenting content on intranets and the Internet, including delivery development, protocols, languages and standards, server software, browser clients, databases and multimedia generation.

Web Development

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

How can I tell from a java web application that the &quot;secure&quot; and 'httponly&quot; flags for cookies were enabled at the level of the web server (Tomcat/Websphere/Weblogic)?

How can I tell from a java web application that the "secure" and 'httponly" flags for cookies were enabled at the level of the web server (Tomcat/Websphere/Weblogic)?