Closed benjaminhilaire closed 6 years ago
This is being fixed in PR #34 Problem occurred as library was setting secure cookie only when the request was over secure channel. In particular case the incoming request was not detected by server as over secured channel, as it was behind a load balancer that was terminating HTTPS traffic.
The issue has been fixed in version 0.4.7.
Hello, Even if we set the value com.amadeus.session.cookie.secure to true, the cookie is created by HttpSessionReplacer but not secure