HCL TECHNOLOGIES ABOUT US PRODUCTS & SOLUTIONS RESOURCES CONTACT US

Home
HCL Marketing Platform Administrator's Guide
HCL® Marketing Platform provides security, configuration, notification, and dashboard features for HCL® Marketing Software products.
This section describes one-way SSL in HCL® Marketing Software.
On every application server on which an HCL® Marketing Software application is deployed, configure the web application server to use the certificates you have decided to employ.
Some cookies may not be properly secured in the client browser. Not securing cookies leaves the application vulnerable to man-in-the-middle and session hijacking attacks. To fix this issue, take the following precautions.
To set the secure and httponly flags in WebSphere®, use the following procedure.

Setting the flags for SSL in WebSphere

To set the secure and httponly flags in WebSphere®, use the following procedure.

About this task

You set the secure and httponly flags in the WebSphere administrative console.

Tip: See the WebSphere documentation for complete details.

At the application level for Marketing Platform, navigate to Session Management and click Enable cookies.
Check Restrict cookies to HTTPS sessions and Set session cookies to HTTPOnly to help prevent cross-site scripting attacks.
Save and apply your changes.
Stop and re-start the Marketing Platform application.