How to set http only (HTTPOnly) cookie in SiteMinder web agent?

Document ID : KB000054313
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Agent Configuration Object (ACO) parameter "UseHTTPOnlyCookies" will help to create a http only cookie for SiteMinder web agent.

Solution:

A new Agent Configuration Object (ACO) parameter "UseHTTPOnlyCookies" is introduced in 6QMR5 HF06 to create http only cookies in SiteMinder web agent. This parameter will add HTTPOnly flag to all SiteMinder cookies if the value is set to YES. The cookies in which the HTTP-Only attribute would be added are as follows:

  SMSESSION Cookie 
  SMIDENTITY Cookie 
  SMUSRMSG Cookie 
  SMTEXT Cookie 
  SMTRYNO Cookie 
  SMSAVECRED/SMDATA Cookie 
  SMCHALLENGE Cookie 
  SMDOMINODATA Cookie 
  SMONDENIEDREDIR Cookie 
  SMSAVEDSESSION Cookies 
  NTLMCRED Cookie 
  SSLCRED Cookie 
  FORMCRED Cookie