We want to secure our icCube installation, especially the WEB APP. We found that with Jetty we should be able to put the following in a web.xml:
<session-config>
<cookie-config>
<comment>__SAME_SITE_STRICT__</comment>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>
</session-config>
How do wet set this in icCube? I don't see this file and wouldn't know where to place it.
There is no way to directly setup Jetty native configuration. For production setup, icCube is usually placed behind the company Web server and as such does not require much configuration.
Should you need to pass those parameters to Jetty, icCube would need add them to the icCube.xml. Please contact icCube support for this kind of request.
Hope that helps.