Example usage for javax.servlet SessionCookieConfig isHttpOnly

List of usage examples for javax.servlet SessionCookieConfig isHttpOnly

  1. HOME
  2. Java
  3. javax
  4. javax.servlet.*
  5. SessionCookieConfig
  6. isHttpOnly

Introduction

In this page you can find the example usage for javax.servlet SessionCookieConfig isHttpOnly.

Prototype

public boolean isHttpOnly();

Source Link

Document

Checks if the session tracking cookies created on behalf of the application represented by the <tt>ServletContext</tt> from which this <tt>SessionCookieConfig</tt> was acquired will be marked as <i>HttpOnly</i>.

Usage

From source file:com.thoughtworks.go.server.Jetty9ServerTest.java

@Test
public void shouldSetSessionCookieConfig() throws Exception {
    when(systemEnvironment.isSessionCookieSecure()).thenReturn(true);
    jetty9Server.configure();/*from  w  ww  . j  a  v  a 2s . co  m*/
    jetty9Server.setSessionConfig();
    jetty9Server.startHandlers();

    WebAppContext webAppContext = (WebAppContext) getLoadedHandlers().get(WebAppContext.class);
    SessionCookieConfig sessionCookieConfig = webAppContext.getSessionHandler().getSessionCookieConfig();
    assertThat(sessionCookieConfig.isHttpOnly(), is(true));
    assertThat(sessionCookieConfig.isSecure(), is(true));
    assertThat(sessionCookieConfig.getMaxAge(), is(5678));

    when(systemEnvironment.isSessionCookieSecure()).thenReturn(false);
    jetty9Server.setSessionConfig();
    assertThat(sessionCookieConfig.isSecure(), is(false));
}