SP 2.5 cookieProps

Cantor, Scott cantor.2 at osu.edu
Wed Aug 8 15:44:51 EDT 2012

On 8/8/12 3:36 PM, "Tom Poage" <tfpoage at ucdavis.edu> wrote:
>I'd like a little clarification on configuration inheritance in
><ApplicationOverride> with SP 2.5

It's the same as before. Once you override the Sessions element, all of
the attributes in that element take their default values, they aren't
inherited. It's a functional limitation of the configuration code.

>I expected cookieProps to be inherited, or at least that's how I read
>some of the docs.
>What does <Sessions> within an <ApplicationOverride> inherit? I don't
>recall noticing the warning previously.

It doesn't inherit anything *unless* you don't have the element at all,
because then the request for the "Sessions" property set falls back to the
parent application container. I thought that was stated somewhere, but it
should be clearer on that page.

The warning itself is new, part of a set of warnings for any settings that
are not set to SSL use only, as suggested by Nate and others on the dev
list, to encourage stronger settings.

-- Scott

More information about the users mailing list