This article has been archived and is no longer maintained by ForgeRock.
You should add the following properties to the DAS configuration file for each DAS instance:
- HTTPOnly: com.sun.identity.cookie.httponly=true
- Secure: com.iplanet.am.cookie.secure=true
It is recommended that you also add the following property if you have enabled HTTPOnly cookies due to the way some web containers (like Apache Tomcat™) parse cookies that contain special characters:
The DAS configuration file is located in the $HOME/FAMDistAuth directory and is called *AMDistAuthConfig.properties.