[jboss-jira] [JBoss JIRA] (WFLY-3033) Better SSO configuration

Tin Tvrtkovic created WFLY-3033: ----------------------------------- Summary: Better SSO configuration Key: WFLY-3033 URL: https://issues.jboss.org/browse/WFLY-3033 Project: WildFly Issue Type: Feature Request Security Level: Public (Everyone can see) Components: Web (Undertow) Affects Versions: 8.0.0.Final Reporter: Tin Tvrtkovic Assignee: Stuart Douglas When enabling Undertow SSO in standalone.xml, the only option to tweak is the cookie domain. My life would be made easier by two changes: 1) If the domain is not specified, the SSO cookie should have no domain set. This will make the browser apply the domain from the URL being requested. Currently the cookie domain gets populated with a value from the enclosing XML element. 2) There's no way of setting the cookie path, which makes this less useful for services on different URLs. I propose adding a path attribute to the SSO XML element, which would set the cookie path. For example: <single-sign-on path="/" /> Right now my workaround is to use my reverse proxy (Apache) to edit response headers and modify the cookie, removing the domain and adding the path. If anyone else needs the workaround: Header edit Set-Cookie "^JSESSIONIDSSO=([^; ]+).+" "JSESSIONIDSSO=$1; path=/" -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira