Hello,
I'm working to integrate a legacy SSO system with undertow (Wildfly 10), and this SSO
is also used with JBoss 4 and 6.
Its strategy is to share the same JSESSIONID between all the applications running inside
all those servers.
In my custom Authentication Mechanism, I retrieve the session id that will be used for
this session, but just after invoking SecurityContext#authenticationComplete, a new
session is created, which takes me to have two session cookies. I mean, they both are
named JSESSIONID.
I could find a way to remove this one created by undertow, but I'm not sure this is
the best approach.
What do you suggest me to do is this scenario?
_______________
Vinicius Kopcheski