You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.

 

Blueriq session & cookie

Blueriq Runtime and Publisher are using the HTTP session to store data before it is persisted. As stated by OWASP, the session timeout should be set as low as possible (https://www.owasp.org/index.php/Session_Timeout). Depending on your infrastructure it is possible to set the Secure flag of the cookie (https://www.owasp.org/index.php/SecureFlag). Both the session timeout and the secure flag can be configured by following the steps in the articles below:

By default Secure flag of the cookie is disabled.

To enable, set an environment property with the value:

BLUERIQ_SECURE_SESSION_COOKIE=true
  • No labels

2 Comments

  1. Erwin Schouten

    Both links are broken

    How to configure the Blueriq Runtime Session and Publisher Session.

    1. Unknown User (r.arts)

      Fixed

Didn't find the answer you were looking for? Try the advanced search