Java Agents 2024.9

Enable HTTP Only Cookies

When true, cookies are flagged as HTTPOnly. Use this property to prevent scripts and third-party programs from accessing the cookies.

Property name

com.sun.identity.cookie.httponly

Aliases

com.sun.identity.cookie.httponly
  Introduced in Java Agent 5.0
  Recognized from AM 7

Function

Cookie

Type

Boolean: true returns true; all other strings return false.

Default

true

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties

AM console

Tab: SSO (from AM 7)

Title: Enable HTTP Only Cookies

Legacy title: Http Only