[jboss-jira] [JBoss JIRA] Updated: (JBWEB-107) Session cookie configuration

Session cookie configuration ---------------------------- Key: JBWEB-107 URL: https://issues.jboss.org/browse/JBWEB-107 Project: JBoss Web Issue Type: Feature Request Security Level: Public(Everyone can see) Components: Core Reporter: Mike Millson Assignee: Remy Maucherat Fix For: JBossWeb-2.1.1.GA Attachments: customvalve.zip, customvalve2.zip, customvalve3.zip, SessionCookiePathValve.java Currently the JSESSIONID cookie domain is set to the domain name of the Host that emits the cookie (e.g. www.domain.com). This is an issue with customers using Aliases (e.g. secure.domain.com, zzz.domain.com, etc.), as the session is lost when switching between the main domain and any aliases. In these cases, it would be useful to be able to specify the domain to be "domain.com" so the same JSESSIONID cookie is used across the aliases and converges to the same session.