Hi -
I'm upgrading from jetty 6.1.22 to 8.1.8 and I've notice that the configuration for setting cookies to be secure has moved under a layer of indirection. I'm having trouble configuring it and I'm hoping someone on this list can clue me in to what I'm doing wrong.
Basically, in 6.1.22 I could do this:
<Get name="sessionHandler">
<Get name="sessionManager">
<Set name="secureCookies">true</Set>
</Get>
</Get>
In 8.1.8 it looks like the code path should be:
WebAppContext.getSessionHandler().getSessionManager().getSessionCookieConfig().setSecure(true);
Seems straight forward enough.
So here's my new context configuration:
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="sessionHandler">
<Get name="sessionManager">
<Get name="sessionCookieConfig">
<Set name="secure" type="boolean">true</Set>
</Get>
</Get>
</Get>
But when I start jetty, the context dies with this error in the logs:
oejx.XmlConfiguration:Config error at true java.lang.NoSuchMethodException: class org.eclipse.jetty.server.session.AbstractSessionManager$2.setSecure(boolean)
Why is it trying to call setSecure on the sessionManager instead of the sessionManager's sessionCookieConfig?
Any thoughts?
Thanks in advance!
Tom
