diff --git a/openbis_standard_technologies/resource/server/jetty-web.xml b/openbis_standard_technologies/resource/server/jetty-web.xml
index 0ddbc770e44fa5ba1c66e97fcfca0ee7f0777d70..e88a2c193448c3946906281d1076c66dcca49a0c 100644
--- a/openbis_standard_technologies/resource/server/jetty-web.xml
+++ b/openbis_standard_technologies/resource/server/jetty-web.xml
@@ -5,4 +5,10 @@
 	<Call name="addAliasCheck">
 	  <Arg><New class="org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker"/></Arg>
 	</Call>
+    <Get name="sessionHandler">
+      <Get name="sessionCookieConfig">
+        <Set name="secure" type="boolean">true</Set>
+        <Set name="httpOnly" type="boolean">true</Set>
+      </Get>
+    </Get>
 </Configure>
\ No newline at end of file