[jboss-jira] [JBoss JIRA] Commented: (JBWEB-107) Cross Domain JSESSIONID Cookie
Remy Maucherat (JIRA)
jira-events at lists.jboss.org
Wed May 21 17:58:59 EDT 2008
[ http://jira.jboss.com/jira/browse/JBWEB-107?page=comments#action_12413616 ]
Remy Maucherat commented on JBWEB-107:
--------------------------------------
You can wrap. I am not implementing this right now, since the next servlet spec will add session cookie configuration, and I don't want to add some duplicate conflicting configuration as part of a quick hack.
> Cross Domain JSESSIONID Cookie
> ------------------------------
>
> Key: JBWEB-107
> URL: http://jira.jboss.com/jira/browse/JBWEB-107
> Project: JBoss Web
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Tomcat Module
> Reporter: Mike Millson
> Assigned To: Remy Maucherat
> Attachments: SessionCookiePathValve.java
>
>
> Currently the JSESSIONID cookie domain is set to the domain name of the Host that emits the cookie (e.g. www.domain.com). This is an issue with customers using Aliases (e.g. secure.domain.com, zzz.domain.com, etc.), as the session is lost when switching between the main domain and any aliases. In these cases, it would be useful to be able to specify the domain to be "domain.com" so the same JSESSIONID cookie is used across the aliases and converges to the same session.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list