[jboss-jira] [JBoss JIRA] Updated: (JBWEB-107) Cross Domain JSESSIONID Cookie
Mike Millson (JIRA)
jira-events at lists.jboss.org
Wed May 21 16:21:59 EDT 2008
[ http://jira.jboss.com/jira/browse/JBWEB-107?page=all ]
Mike Millson updated JBWEB-107:
-------------------------------
Attachment: SessionCookiePathValve.java
> Cross Domain JSESSIONID Cookie
> ------------------------------
>
> Key: JBWEB-107
> URL: http://jira.jboss.com/jira/browse/JBWEB-107
> Project: JBoss Web
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Tomcat Module
> Reporter: Mike Millson
> Assigned To: Remy Maucherat
> Attachments: SessionCookiePathValve.java
>
>
> Currently the JSESSIONID cookie domain is set to the domain name of the Host that emits the cookie (e.g. www.domain.com). This is an issue with customers using Aliases (e.g. secure.domain.com, zzz.domain.com, etc.), as the session is lost when switching between the main domain and any aliases. In these cases, it would be useful to be able to specify the domain to be "domain.com" so the same JSESSIONID cookie is used across the aliases and converges to the same session.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list