Can SiteMinder session cookies be configured to be issued with the Secure flag?