We recommend that you set the portal EPCM data bag cookie to be delivered in secure mode to
meet all security standards. This indicates to the browser that the cookie should
only be sent using a secure protocol, such as HTTPS or SSL.
Procedure
In SAP NetWeaver Administrator, access the following portal application and service:
Portal application:
com.sap.portal.epcf.loader
Service: epcfloader
Set the epcf.databag.enforce.secure.cookie
property value to true.
This marks the logon ticket as a secure cookie, to enforce that the client
browser sends the cookie only when an SSL connection to the J2EE Engine or
the reverse proxy is established.