I have the below requirement could someone provide inputs as what could be done
Please suggest a way to achieve this in CQ5 version 5.6.1
enable aem with ssl. https://docs.adobe.com/docs/en/cq/5-6-1/deploying/config-ssl.html
I know this is an old question, but our team ran into a very similar issue and I posted details of our solution here: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-session-cookie-with-ht...
Please find below some reference article which could come as a help to you:-
// If the request is over https out of the box should be setting the secure flag on all cookies. In case you are terminating SSL on another layers like lb, dispatcher configure Felix SSL Filter. You can also set using api.
Link :- http://www.adobe.com/devnet/coldfusion/articles/coldfusion-securing-apps.html
Link :- https://blogs.oracle.com/jluehe/entry/ow_to_configure_the_security
I think this come as a help to you.
Thanks and Regards
In the above provided link there was no clue to set secure flag for 'login-token' cookie and sessionPersistence cookie.
Here is an older thread that talks about similar ( HTTPOnly and SECURE FLAG for session cookies😞