CUIC Queries

Version 1
    This document was generated from CDN thread

    Created by: Gajanan Pande on 03-10-2011 11:53:03 PM
    Hi,

    Could you please help me with answers to following queries ?

    1. In CUIC how to set HTTP Only attribute on all cookies so that we can restrict Cross Site Scripting ?
     
    2. How do we protect session cookies those may be sent over unencrypted channels, allowing for the possible intercept or logging of session credentials in CUIC ?

    3. How do we protect, Database Connection strings and cookies to be transmitted in the clear text in CUIC ? is HTTPS the way going forward ?

    4. How we can prevent concurrent session, multiple users to simultaneously login to the web application, with the same user credentials, so that at any given time, only one user session per valid set of credentials is permitted to access the application ?

    TIA

    GP.