]
Mike Millson updated JBWEB-107:
-------------------------------
Attachment: SessionCookiePathValve.java
Cross Domain JSESSIONID Cookie
------------------------------
Key: JBWEB-107
URL:
http://jira.jboss.com/jira/browse/JBWEB-107
Project: JBoss Web
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Components: Tomcat Module
Reporter: Mike Millson
Assigned To: Remy Maucherat
Attachments: SessionCookiePathValve.java
Currently the JSESSIONID cookie domain is set to the domain name of the Host that emits
the cookie (e.g.
www.domain.com). This is an issue with customers using Aliases (e.g.
secure.domain.com,
zzz.domain.com, etc.), as the session is lost when switching between
the main domain and any aliases. In these cases, it would be useful to be able to specify
the domain to be "domain.com" so the same JSESSIONID cookie is used across the
aliases and converges to the same session.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: