I made a listener, which sets secure flag on cookie, according set secure flag on cookie programatically And I want to enable or disable this flag automatically as in secure flag on session cookies in a java How to get request from ServletContextEvent? Is it other way to do it?
public class SecureCookieServletContextListener implements ServletContextListener {
private static final String LB_HTTPS_HEADER = "Front-End-Https";
@Override public void contextInitialized(final ServletContextEvent sce) {
final String httpsHeader = request.getHeader(LB_HTTPS_HEADER);
boolean secure = httpsHeader != null && httpsHeader.equalsIgnoreCase("on");
sce.getServletContext().getSessionCookieConfig().setSecure(secure);
}
}