The reported vulnerability of Security Misconfiguration (Cookie without Secure Flag) is found valid is reported by the security team.I am using spring mvc. TO mitigate this security i am trying to use servletContext.getSessionCookieConfig().setSecure(true); to fix the issue, the application is not getting started. I am using WebSphare server to deploy the application.
TO mitigate this security i am trying to use servletContext.getSessionCookieConfig().setSecure(true);