IBM Support

Securing JSESSIONID cookie for the admin console

Troubleshooting


Problem

The administrative console uses the JSESSIONID cookie to keep session state, but does not set the cookie's secure flag. If an installation wishes to enable the secure flag on the JSESSIONID cookie, the following procedure can be used.

Resolving The Problem

A script is provided to enable the secure flag for the administrative console. This is being provided as a script in order to enable. Run secureConsole.py enable to enable the secure flag on the JSESSIONID cookie for the administrative console. This change restarts the administrative console application immediately on completion of the script. Please ensure that no updates are being made using the console when the script is run.

1) Run the script as follows:



wsadmin -lang jython -user xxxx -password xxxx -f secureConsole.py enable

2) After running this script, the secure flag of defaultCookieSettings is set to true in
profiles\dmgr\config\cells\cellName\applications\isclite.ear\deployments\isclite\deployment.xml:
---------
<defaultCookieSettings xmi:id="Cookie_xxxxxx" domain="" maximumAge="-1" path="/ibm" secure="true"/>
---------

3) Restart dmgr.
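
One way to confirm the result of step 2 and the cookie the console then issues, as an added example that is not part of this technote or of secureConsole.py. The XML samples and the Set-Cookie values are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample reduced to the element shown in step 2; a real
# deployment.xml has a different root element and far more content.
SAMPLE_AFTER = """<deployment xmlns:xmi="http://www.omg.org/XMI">
  <wrapper xmi:id="Wrapper_1">
    <defaultCookieSettings xmi:id="Cookie_1" domain="" maximumAge="-1" path="/ibm" secure="true"/>
  </wrapper>
</deployment>"""
SAMPLE_BEFORE = SAMPLE_AFTER.replace('secure="true"', 'secure="false"')


def local_name(tag):
    """Strip a '{namespace}' prefix so the match works with or without one."""
    return tag.rsplit("}", 1)[-1]


def cookie_settings_status(xml_text):
    """Return (ok, details); ok is True only if every defaultCookieSettings
    element is present with secure="true"."""
    root = ET.fromstring(xml_text)
    found = [e for e in root.iter() if local_name(e.tag) == "defaultCookieSettings"]
    if not found:
        return False, ["no defaultCookieSettings element found"]
    ok, details = True, []
    for elem in found:
        # A missing attribute counts as not secure.
        ok = ok and elem.get("secure", "").lower() == "true"
        details.append("path=%s secure=%s" % (elem.get("path"), elem.get("secure")))
    return ok, details


def set_cookie_is_secure(header_value, name="JSESSIONID"):
    """Check one Set-Cookie header value for the named cookie's Secure attribute."""
    parts = [p.strip() for p in header_value.split(";")]
    if not parts[0].startswith(name + "="):
        return False
    return any(p.lower() == "secure" for p in parts[1:])


if __name__ == "__main__":
    print(cookie_settings_status(SAMPLE_BEFORE))
    print(cookie_settings_status(SAMPLE_AFTER))
    print(set_cookie_is_secure("JSESSIONID=0000example:-1; Path=/ibm; Secure"))
```

To check a live installation, pass the contents of the deployment.xml from step 2 to cookie_settings_status, and pass a Set-Cookie value captured from the console login response to set_cookie_is_secure.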

secureConsole.py

Product: WebSphere Application Server
Business Unit: Cloud & Data Platform
Component: Administrative Console (all non-scripting)
Platform: AIX, HP-UX, IBM i, Linux, iOS, Solaris, Windows, z/OS
Version: 8.5; 8.0; 7.0; 6.1
Edition: Advanced; Base; Developer; Enterprise; Express; Network Deployment; Single Server
Line of Business: Automation

Document Information

Modified date:
15 June 2018

UID

swg21661738