set 'secure' flag to JSESSION id cookie

Question

I want to set \'secure\' flag to JSESSIONID cookie . Is there a configuration in tomcat 6 for this ?

I tried by setting \'secure=\"true\"\' in \'Connector\' (8080) e

Answer 1

For nginx proxy it could be solved easy in nginx config:

if ($scheme = http) {
    return 301 https://$http_host$request_uri;
}

proxy_cookie_path / "/; secure";